New NOSANDBOX permission to remove sandboxed iframe restrictions

2018-02-21 03:12:51 +01:00 · 2018-02-21 03:12:51 +01:00 · 6afe2dd720
commit 6afe2dd720
parent aef3ecc3f2
2 changed files with 7 additions and 0 deletions
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@ -368,6 +368,10 @@ class UiRequest(object):

        sandbox_permissions = ""

+        if "NOSANDBOX" in site.settings["permissions"]:
+            sandbox_permissions += " allow-same-origin"
+
+
        if show_loadingscreen is None:
            show_loadingscreen = not site.storage.isFile(file_inner_path)

@ -448,6 +452,7 @@ class UiRequest(object):

        address = path_parts["address"]
        file_path = "%s/%s/%s" % (config.data_dir, address, path_parts["inner_path"])
+
        if config.debug and file_path.split("/")[-1].startswith("all."):
            # If debugging merge *.css to all.css and *.js to all.js
            site = self.server.sites.get(address)
--- a/src/Ui/UiWebsocket.py
+++ b/src/Ui/UiWebsocket.py
@ -760,6 +760,8 @@ class UiWebsocket(object):
    def actionPermissionDetails(self, to, permission):
        if permission == "ADMIN":
            self.response(to, _["Modify your client's configuration and access all site"] + " <span style='color: red'>" + _["(Dangerous!)"] + "</span>")
+        elif permission == "NOSANDBOX":
+            self.response(to, _["Full access to site data, cookie and local storage of all site."])
        else:
            self.response(to, "")