external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Session IP binding, MeshCtrl Invite Link

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2019-09-23 11:45:10 -07:00
parent a259e4f21f
commit 60bce86622
7 changed files with 77 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

7
webserver.js
View file

@ -3173,9 +3173,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// { 'Referrer-Policy': 'no-referrer', 'x-frame-options': 'SAMEORIGIN', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': "default-src http: ws: data: 'self';script-src http: 'unsafe-inline';style-src http: 'unsafe-inline'" };
if ((domain != null) && (domain.httpheaders != null) && (typeof domain.httpheaders == 'object')) {
res.set(domain.httpheaders);
}
/*
else {
} else {
// Use default security headers
res.set({
"X-Frame-Options": "sameorigin",
@ -3185,10 +3183,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
"Content-Security-Policy": "default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; frame-src 'self'; media-src 'self'"
});
}
*/
// Check the session if bound to the external IP address
//if ((req.session.ip != null) && (req.ip != null) && (req.session.ip != req.ip)) { req.session = {}; }
if ((req.session.ip != null) && (req.ip != null) && (req.session.ip != req.ip)) { req.session = {}; }
// Detect if this is a file sharing domain, if so, just share files.
if ((domain != null) && (domain.share != null)) {