From 6afe2dd7209d80c1a1630c8b3634510f1277e2b5 Mon Sep 17 00:00:00 2001 From: shortcutme Date: Wed, 21 Feb 2018 03:12:51 +0100 Subject: [PATCH] New NOSANDBOX permission to remove sandboxed iframe restrictions --- src/Ui/UiRequest.py | 5 +++++ src/Ui/UiWebsocket.py | 2 ++ 2 files changed, 7 insertions(+) diff --git a/src/Ui/UiRequest.py b/src/Ui/UiRequest.py index 4f8e9b89..65cd3348 100644 --- a/src/Ui/UiRequest.py +++ b/src/Ui/UiRequest.py @@ -368,6 +368,10 @@ class UiRequest(object): sandbox_permissions = "" + if "NOSANDBOX" in site.settings["permissions"]: + sandbox_permissions += " allow-same-origin" + + if show_loadingscreen is None: show_loadingscreen = not site.storage.isFile(file_inner_path) @@ -448,6 +452,7 @@ class UiRequest(object): address = path_parts["address"] file_path = "%s/%s/%s" % (config.data_dir, address, path_parts["inner_path"]) + if config.debug and file_path.split("/")[-1].startswith("all."): # If debugging merge *.css to all.css and *.js to all.js site = self.server.sites.get(address) diff --git a/src/Ui/UiWebsocket.py b/src/Ui/UiWebsocket.py index 318dcf87..26a78129 100644 --- a/src/Ui/UiWebsocket.py +++ b/src/Ui/UiWebsocket.py @@ -760,6 +760,8 @@ class UiWebsocket(object): def actionPermissionDetails(self, to, permission): if permission == "ADMIN": self.response(to, _["Modify your client's configuration and access all site"] + " " + _["(Dangerous!)"] + "") + elif permission == "NOSANDBOX": + self.response(to, _["Full access to site data, cookie and local storage of all site."]) else: self.response(to, "")