DEPLOY: autocomplete resolution for deployement

* BETTER Improves docker image by removing node_modules. * FIX Fixes autocomplete for deployement(ContentSecurity headers). Signed-off-by: Johnny Mariéthoz <Johnny.Mariethoz@rero.ch> Signed-off-by: Peter Weber <peter.weber@rero.ch>
rero · Mar 27, 2019 · 5b5e533 · 5b5e533
1 parent e6d65a3
commit 5b5e533
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 13 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -17,3 +17,4 @@ docker-compose.yml
 docker-compose-dev.yml
 
 Procfile*
+ui/node_modules
diff --git a/Dockerfile b/Dockerfile
@@ -36,4 +36,5 @@ RUN chown -R invenio:invenio ${WORKING_DIR}
 USER 1000
 
 ENV INVENIO_COLLECT_STORAGE='flask_collect.storage.file'
-RUN ./scripts/bootstrap --deploy
+RUN ./scripts/bootstrap --deploy && rm -fr ui/node_modules
+
diff --git a/Dockerfile.base b/Dockerfile.base
@@ -60,6 +60,3 @@ RUN useradd invenio --uid 1000  --home ${WORKING_DIR} && \
     chmod -R go+w ${WORKING_DIR}
 
 USER 1000
-
-ENV INVENIO_COLLECT_STORAGE='flask_collect.storage.file'
-RUN ./scripts/bootstrap
diff --git a/rero_ils/config.py b/rero_ils/config.py
@@ -227,8 +227,12 @@ def _(x):
 MAX_CONTENT_LENGTH = 100 * 1024 * 1024  # 100 MiB
 #: For dev. Set to false when testing on localhost in no debug mode
 APP_ENABLE_SECURE_HEADERS = True
+
+# TODO: review theses rules for security purposes
 APP_DEFAULT_SECURE_HEADERS = {
-    'force_https': True,
+    # disabled as https is not used by the application:
+    # https is done by the haproxy
+    'force_https': False,
     'force_https_permanent': False,
     'force_file_save': False,
     'frame_options': 'sameorigin',
@@ -239,7 +243,7 @@ def _(x):
     'strict_transport_security_include_subdomains': True,
     'content_security_policy': {
         'default-src': ['*'],
-        # 'default-src': ["'self'"],
+        'style-src': ['*', "'unsafe-inline'"],
         'script-src': [
             "'self'",
             "'unsafe-inline'",
@@ -248,12 +252,7 @@ def _(x):
             'https://www.google-analytics.com',
             'https://services.test.rero.ch',
             'https://services.rero.ch'
-        ],
-        # 'img-src': [
-        #     "'self'",
-        #     'https://www.google-analytics.com',
-        #     'http://images.amazon.com'
-        # ]
+        ]
     },
     'content_security_policy_report_uri': None,
     'content_security_policy_report_only': False,

diff --git a/ui/src/app/autocomplete/autocomplete.component.ts b/ui/src/app/autocomplete/autocomplete.component.ts
@@ -113,7 +113,6 @@ export class AutocompleteComponent implements OnInit {
 
   getPersonName(metadata) {
     for (const source of ['rero', 'bnf', 'gnd']) {
-      console.log(source);
       if (metadata[source] && metadata[source].preferred_name_for_person) {
         return metadata[source].preferred_name_for_person;
       }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -17,3 +17,4 @@ docker-compose.yml
		docker-compose-dev.yml

		Procfile*
		ui/node_modules