CSP Update #288

Closed
wants to merge 17 commits into from
Closed
13 changes: 7 additions & 6 deletions acrobat/blocks/dc-converter-widget/dc-converter-widget.js
Expand Up @@ -15,16 +15,16 @@ const localeMap = {
'cy_en': 'en-cy',
'dk': 'da-dk',
'de': 'de-de',
'ee': 'en-ee',
'ee': 'et-ee',
'es': 'es-es',
'fr': 'fr-fr',
'gr_en': 'en-gr',
'gr_el': 'el-gr',
'ie': 'en-ie',
'il_en': 'en-il',
'it': 'it-it',
'lv': 'en-lv',
'lt': 'en-lt',
'lv': 'lv-lv',
'lt': 'lt-lt',
'lu_de': 'de-lu',
'lu_en': 'en-lu',
'lu_fr': 'fr-lu',
Expand All @@ -39,17 +39,17 @@ const localeMap = {
'pt': 'pt-pt',
'ro': 'ro-ro',
'ch_de': 'de-ch',
'si': 'si-si',
'si': 'sl-si',
'sk': 'sk-sk',
'ch_fr': 'fr-ch',
'fi': 'fi-fi',
'se': 'sv-se',
'ch_it': 'it-ch',
'tr': 'tr-tr',
'uk': 'en-uk',
'bg': 'en-bg',
'bg': 'bg-bg',
'ru': 'ru-ru',
'ua': 'ua-ua',
'ua': 'uk-ua',
'au': 'en-au',
'hk_en': 'en-hk',
'in': 'en-in',
Expand Down Expand Up @@ -117,6 +117,7 @@ let langFromPath = url.pathname.split('/')[1];
const pageLang = localeMap[langFromPath] || 'en-us';

export default function init(element) {
element.closest('main > div').dataset.section = 'widget';
const widget = element;
const DC_WIDGET_VERSION_FALLBACK = '2.40.0_1.172.1';
const DC_GENERATE_CACHE_VERSION_FALLBACK = '1.172.1';
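Review bot: `element.closest('main > div')` at the top of `init` returns `null` when the block is not inside a direct child `div` of `main`, and the `.dataset` access then throws before the widget is set up; a guard such as `const section = element.closest('main > div'); if (section) section.dataset.section = 'widget';` avoids that. Separately, `localeMap[langFromPath]` is keyed by a URL path segment on a plain object, so a first segment that matches an inherited property name (for example `constructor`) yields a truthy non-locale value instead of falling back to `'en-us'`; `Object.hasOwn(localeMap, langFromPath) ? localeMap[langFromPath] : 'en-us'` keeps the lookup to the declared locales. How `pageLang` is consumed is not visible here, so the impact of that second point should be checked against its callers. The body of `init` continues past the end of this hunk.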
17 changes: 17 additions & 0 deletions acrobat/blocks/eventwrapper/eventwrapper.css
Expand Up @@ -38,8 +38,25 @@ body:not([data-current-event]) [data-event-name=onload] {

[data-current-event=complete] .fake-dc-wrapper,
[data-current-event=complete] #CID,
[data-current-event=start] #CID,
[data-current-event=uploadcomplete] .fake-dc-wrapper,
[data-current-event=uploadcomplete] #CID {
top: 30px;
position: relative;
}

.review.fade-in {
animation-duration: 3s;
animation-name: fade-in;
}


@keyframes fade-in {
0% {
opacity: 0;
}

100% {
opacity: 1;
}
}
8 changes: 6 additions & 2 deletions acrobat/blocks/eventwrapper/eventwrapper.js
Expand Up @@ -19,9 +19,11 @@ const DROPZONE_DIS = 'dropzone-displayed';
const PREVIEW_DIS = 'preview-displayed';
const TRY_ANOTHER = 'try-another-file-start';
// const UPSELL_DIS = 'upsell-displayed';
const FADE = 'review fade-in';

export default function init(element) {
const wrapper = element;
const reviewBlock = document.querySelectorAll('.review');
const setCurrentEvent = (event) => {
if (document.querySelectorAll(`[data-event-name="${event}"]`).length > 0) {
document.body.dataset.currentEvent = event;
Expand Down Expand Up @@ -49,7 +51,6 @@ export default function init(element) {
}else{
browserExtAlloy('modalExist', browserName);
}

});
} else {
window.dispatchEvent(event);
Expand All @@ -62,7 +63,6 @@ export default function init(element) {
let browserName = parser.getBrowserName();
let extID;
if (e === PROCESS_START) converterAnalytics();

if (e === CONVERSION_COM && parser.parsedResult.platform.type === 'desktop'
|| e === PREVIEW_DIS && parser.parsedResult.platform.type === 'desktop') {
// Browser Extension
Expand Down Expand Up @@ -97,6 +97,7 @@ export default function init(element) {
break;
case UPLOAD_START:
setCurrentEvent('upload');
if (reviewBlock[0]) { reviewBlock[0].classList.add('hide'); };
break;
case UPLOAD_COMPLETE:
setCurrentEvent('uploadcomplete');
Expand All @@ -112,12 +113,15 @@ export default function init(element) {
break;
case CONVERSION_COM:
setCurrentEvent('complete');
if (reviewBlock[0]) { reviewBlock[0].classList = FADE; };
break;
case PREVIEW_GEN:
setCurrentEvent('preview');
if (reviewBlock[0]) { reviewBlock[0].classList = FADE; };
break;
case DROPZONE_DIS:
setCurrentEvent(DROPZONE_DIS);
if (reviewBlock[0]) { reviewBlock[0].classList = FADE; };
break;
case DOWNLOAD_START:
setCurrentEvent('download');
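Review bot: `reviewBlock[0].classList = FADE;` in the `CONVERSION_COM`, `PREVIEW_GEN` and `DROPZONE_DIS` cases overwrites the element's whole class attribute with `'review fade-in'`, so any other class the review block carries is lost along with `hide`. Toggling only the classes this code owns is safer: `reviewBlock[0].classList.remove('hide'); reviewBlock[0].classList.add('fade-in');`. `document.querySelectorAll('.review')` also returns a static list captured once when `init` runs, so a review block inserted into the page later is never found; looking it up inside the handler with `document.querySelector('.review')` removes that ordering dependency. The `};` after each of these `if` blocks leaves an empty statement, and `init` continues outside the visible hunks.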
3 changes: 2 additions & 1 deletion acrobat/scripts/contentSecurityPolicy/csp.js
Expand Up @@ -21,7 +21,8 @@ async function getCspEnv() {
export default async function ContentSecurityPolicy() {
const { default: ENV } = await getCspEnv();

const theCSP = `connect-src ${ENV.connectSrc.join(' ')}\
const theCSP = `child-src ${ENV.childSrc.join(' ')}\
connect-src ${ENV.connectSrc.join(' ')}\
default-src ${ENV.defaultSrc.join(' ')}\
font-src ${ENV.fontSrc.join(' ')}\
form-action ${ENV.formAction.join(' ')}\
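Review bot: `ENV.childSrc.join(' ')` is evaluated for whichever module `getCspEnv()` resolves, but this page only shows `childSrc` being added to `dev.js`; if any other environment module lacks that export, `ContentSecurityPolicy()` throws a TypeError and no policy is applied at all. Each environment file needs a `childSrc` array in the same change. The directive separator also comes only from the trailing `';'` element of each list, so a list without it would silently merge `child-src` into `connect-src`; a comment above `theCSP` such as `// every ENV list must end with ';', the only separator between directives` would record that contract. The template literal continues past the end of the hunk.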
113 changes: 112 additions & 1 deletion acrobat/scripts/contentSecurityPolicy/dev.js
@@ -1,3 +1,9 @@
const childSrc = [
'\'self\'',
'blob:',
';',
];

const connectSrc = [
'\'self\'',
'blob:',
Expand Down Expand Up @@ -48,6 +54,31 @@ const connectSrc = [
'*.hlx.page',
'*.hlx.live',
'cdn.linkedin.oribi.io',
'345-tti-184.mktoutil.com',
'adservice.google.com',
'rum.hlx.page',
'us-central1-adaptive-growth.cloudfunctions.net',
'360-kci-804.mktoresp.com',
'analytics.google.com',
'api.ultimateadb.com',
'c.clicktale.net',
'cdnmd.global-cache.online',
'ff.kis.v2.scr.kaspersky-labs.com',
'gc.kes.v2.scr.kaspersky-labs.com',
'gc.kis.v2.scr.kaspersky-labs.com',
'ip.x2convert.com',
'me.kes.v2.scr.kaspersky-labs.com',
'me.kis.v2.scr.kaspersky-labs.com',
'pagead2.googlesyndication.com',
'pdfnow.adobe.io',
'searchaggr-dra.dt.dbankcloud.com',
'tl.ytlogs.ru',
'tr.snapchat.com',
'translate.googleapis.com',
'trial-eum-clientnsv4-s.akamaihd.net',
'trial-eum-clienttons-s.akamaihd.net',
'www.google.com',
'tm.filter:1506',
';',
];

Expand All @@ -60,6 +91,16 @@ const defaultSrc = [
const fontSrc = [
'\'self\'',
'use.typekit.net',
'fonts.gstatic.com',
'appdown.pstatic.net',
'assets.merci-app.com',
'at.alicdn.com',
'cdn.jsdelivr.net',
'fast.fonts.net',
'fc652372aa05f6ec093286fe86f2057df39e68f7-m.eu-proxy.startpage.com',
'fonts.bunny.net',
'static.zohocdn.com',
'svcs.tql.com',
';',
];

Expand Down Expand Up @@ -93,6 +134,32 @@ const frameSrc = [
'www.facebook.com',
'www.youtube.com',
's.company-target.com',
'notify.bluecoat.com',
'block.opendns.com',
'bpb.opendns.com',
'cn-1793901926-23-7vnsr30362.ibosscloud.com',
'cookieaquila.com',
'gateway.bogd.local',
'gateway.zscalerthree.net',
'gateway.zscalertwo.net',
'gateway.zscloud.net',
'it.sanmina.com',
'lordanavid.com',
'makeviraltrends.com',
'mozbar.moz.com',
'panpac.pfizer.com',
'pixel.everesttech.net',
'pwm-image.trendmicro.jp',
'redirect.isolation.zscaler.com',
'safe.menlosecurity.com',
'siteblocked.nauka.gov.pl',
'td.doubleclick.net',
'tr.snapchat.com',
'trendlavida.com',
'videogamewatch1.com',
'web.mpsp.mp.br',
'www.searchfor.org',
'zswpmanager.wip.mmc.com',
';',
];

Expand Down Expand Up @@ -139,6 +206,50 @@ const imgSrc = [
'fast-track--milo--adobecom.hlx.live',
'*.hlx.page',
'*.hlx.live',
'analytics.tiktok.com',
'l.clicktale.net',
'mir-s3-cdn-cf.behance.net',
'www.google.ca',
'www.google.ci',
'www.google.co.id',
'www.google.co.il',
'www.google.co.kr',
'www.google.co.th',
'www.google.co.uk',
'www.google.co.za',
'www.google.com',
'www.google.com.ar',
'www.google.com.gh',
'www.google.com.hk',
'www.google.com.kw',
'www.google.com.mx',
'www.google.com.my',
'www.google.com.ng',
'www.google.com.ph',
'www.google.com.pr',
'www.google.com.sa',
'www.google.com.tr',
'www.google.com.tw',
'www.google.com.vn',
'www.google.cz',
'www.google.de',
'www.google.dk',
'www.google.fr',
'www.google.it',
'www.google.nl',
'www.google.pl',
'www.google.pt',
'www.google.se',
'cdn.css-tricks.com',
'a5.behance.net',
'ad.doubleclick.net',
'adservice.google.com',
'alb.reddit.com',
'analytics.twitter.com',
'c.clicktale.net',
'cdn.honey.io',
'fonts.gstatic.com',
'googleads.g.doubleclick.net',
';',
];

Expand Down Expand Up @@ -225,4 +336,4 @@ const workerSrc = [
// TRY This
// use variables for the different domians

export default { connectSrc, defaultSrc, fontSrc, formAction, frameSrc, imgSrc, manifestSrc, scriptSrc, styleSrc, workerSrc};
export default { childSrc, connectSrc, defaultSrc, fontSrc, formAction, frameSrc, imgSrc, manifestSrc, scriptSrc, styleSrc, workerSrc};
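Review bot: Many of the hosts added to `connectSrc`, `fontSrc` and `frameSrc` look like origins injected by visitors' own software rather than anything this site loads, which suggests they were copied from violation reports: antivirus script endpoints (the `*.scr.kaspersky-labs.com` entries), filtering-proxy and block pages (`gateway.zscloud.net`, `block.opendns.com`, `notify.bluecoat.com`, `safe.menlosecurity.com`), private or malformed hosts (`gateway.bogd.local`, `tm.filter:1506`), and unrelated sites such as `makeviraltrends.com` or `videogamewatch1.com`. Allowlisting them does not help those users, and it leaves every visitor's policy permitting connections to and frames from origins the project does not control, which weakens the containment the CSP gives against injected script. I would drop these entries and keep only hosts the page requests itself, each with a short comment naming the feature that needs it, and filter the noise on the reporting side instead. The `childSrc` list of `'self'` and `blob:` is narrow, though with `frameSrc` and `workerSrc` also exported it only acts as a fallback for browsers that lack those directives.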