Age | Commit message (Collapse) | Author | Files | Lines |
|
There are a number of situations that come up in developement, where it
is very useful to launch phosphor-webui from a remote host. Currently
this is disallowed based on the bmcweb security posture.
This commit makes the BMCWEB_INSECURE_DISABLE_XSS_PREVENTION much more
useful, by actually applying the headers that would allow one to launch
the webui from a remote system successfully.
Tested by:
Adding BMCWEB_INSECURE_DISABLE_XSS_PREVENTION=ON to the cmake options
in the bitbake file, then launching phosphor-webui using
npm run-script server
WebUI logged in without issue
Change-Id: I2b7fe53aab611536b4b27b2704e20d098507a5e7
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
Got a couple patches that collided in air, and now builds are broken.
This resolves the collision by moving the new patches forward to the
latest #defines
Change-Id: I1fe35d17a68c61ad90752ae73000e2579131bf5d
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This patchset moves bmcweb over to the upstream style naming
conventions for variables, classes, and functions, as well as imposes
the latest clang-format file.
This changeset was mostly built automatically by the included
.clang-tidy file, which has the ability to autoformat and auto rename
variables. At some point in the future I would like to see this in
greater use, but for now, we will impose it on bmcweb, and see how it
goes.
Tested: Code still compiles, and appears to run, although other issues
are possible and likely.
Change-Id: If422a2e36df924e897736b3feffa89f411d9dac1
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
- SessionStore class now has a proper singleton structure
- session_storage_singleton.hpp is removed
- from_json(..) function for SessionStore is changed to a specialized
template
- minor cosmetic fixes added
- Move the template class usages of Crow App over to a non-template
parameter
Change-Id: Ic9effd5b7bac089a84c80a0caa97bd46d4984416
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This should allow keeping closer to the upstream yocto recipes, and
avoid excess code in the repo
Change-Id: Ib66f7cf69b68bb23f9789580beadf8344cb68cfa
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
- getSubroutes() is now a method of the Node class
- getSubroutes() is called only once per node at construction time,
not at each GET request
- template parameter removed from the Node class
Change-Id: Ie4eb8766717aae566c13c295458fe0dba8ab84c0
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>
|