Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inline oc.js when possible! #1917

Merged
merged 4 commits into from
Oct 25, 2016
Merged

Inline oc.js when possible! #1917

merged 4 commits into from
Oct 25, 2016

Conversation

rullzer
Copy link
Member

@rullzer rullzer commented Oct 25, 2016

With #1871 in we can now do fancy pancy stuff. Like inline javascript safely.

This PR bring you the inlining of oc.js. This file was loaded on each pageload separatly and was a blocking call! Now if your browser support CSPv3 it will inline the file saving you a blocking (non cacheable request!).

  • Move oc.js generation to helper class
  • Move CSPv3 test
  • Inline oc.js when possible

@LukasReschke as discussed!

CC: @MorrisJobke @nickvergessen @icewind1991

@rullzer rullzer added enhancement 3. to review Waiting for reviews labels Oct 25, 2016
@rullzer rullzer added this to the Nextcloud 11.0 milestone Oct 25, 2016
@mention-bot
Copy link

@rullzer, thanks for your PR! By analyzing the history of the files in this pull request, we identified @LukasReschke, @DeepDiver1975 and @icewind1991 to be potential reviewers.

Copy link
Member

@LukasReschke LukasReschke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome! Some nitpicks are still existent though ;)

/** @var JSConfigHelper */
private $helper;

public function __construct($appName,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A kingdom for PHPDocs 🚀

@@ -18,6 +18,11 @@
<?php foreach($_['printcssfiles'] as $cssfile): ?>
<link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" media="print">
<?php endforeach; ?>
<?php if (isset($_['inline_ocjs'])): ?>
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" type="text/javascript">
<?php echo($_['inline_ocjs']); ?>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

print_unescaped? :)

@@ -19,6 +19,11 @@
<?php foreach($_['printcssfiles'] as $cssfile): ?>
<link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" media="print">
<?php endforeach; ?>
<?php if (isset($_['inline_ocjs'])): ?>
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" type="text/javascript">
<?php echo($_['inline_ocjs']); ?>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

print_unescaped? :)

@@ -26,6 +26,11 @@
<?php foreach($_['printcssfiles'] as $cssfile): ?>
<link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" media="print">
<?php endforeach; ?>
<?php if (isset($_['inline_ocjs'])): ?>
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" type="text/javascript">
<?php echo($_['inline_ocjs']); ?>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

print_unescaped? :)

@@ -102,7 +105,8 @@ public function __construct(IRequest $request,
$isLoggedIn,
$isAdminUser,
ContentSecurityPolicyManager $contentSecurityPolicyManager,
CsrfTokenManager $csrfTokenManager) {
CsrfTokenManager $csrfTokenManager,
ContentSecurityPolicyNonceManager $cspNonceManager) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update PHPDoc? ;)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
@rullzer
Copy link
Member Author

rullzer commented Oct 25, 2016

@LukasReschke fixed

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
@LukasReschke
Copy link
Member

Good stuff! 👍

@codecov-io
Copy link

Current coverage is 57.34% (diff: 3.01%)

Merging #1917 into master will decrease coverage by 0.17%

@@             master      #1917   diff @@
==========================================
  Files          1076       1078     +2   
  Lines         61310      61498   +188   
  Methods        6871       6875     +4   
  Messages          0          0          
  Branches          0          0          
==========================================
- Hits          35266      35265     -1   
- Misses        26044      26233   +189   
  Partials          0          0          

Sunburst

Diff Coverage File Path
0% core/routes.php
0% core/templates/layout.base.php
0% new core/Controller/OCJSController.php
0% core/templates/layout.user.php
0% lib/private/TemplateLayout.php
0% core/templates/layout.guest.php
0% new lib/private/Template/JSConfigHelper.php
•• 28% ...e/Security/CSP/ContentSecurityPolicyNonceManager.php
•••••••••• 100% ...ate/AppFramework/DependencyInjection/DIContainer.php
•••••••••• 100% lib/private/Server.php

Review all 11 files changed

Powered by Codecov. Last update 35c7ece...015affb

@MorrisJobke
Copy link
Member

MorrisJobke commented Oct 25, 2016

Code looks good and I tested this in Firefox, Safari, Chrome, IE and Edge. 👍

@MorrisJobke MorrisJobke merged commit 9a70c13 into master Oct 25, 2016
@MorrisJobke MorrisJobke deleted the ocjs_inline branch October 25, 2016 22:20
@LukasReschke
Copy link
Member

Small addition: #1920 :)

@nickvergessen
Copy link
Member

Please also delete the old file, just cost björn and me some minutes to figure out, why the break point didn't stop...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3. to review Waiting for reviews enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants