mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-25 21:54:14 -08:00
Merge branch 'csp-middleware' into develop
This commit is contained in:
commit
9ce2d1f560
|
@ -63,7 +63,13 @@ ENCRYPT=false
|
||||||
COOKIE_NAME=snipeit_session
|
COOKIE_NAME=snipeit_session
|
||||||
COOKIE_DOMAIN=null
|
COOKIE_DOMAIN=null
|
||||||
SECURE_COOKIES=false
|
SECURE_COOKIES=false
|
||||||
|
|
||||||
|
|
||||||
|
# --------------------------------------------
|
||||||
|
# OPTIONAL: SECURITY HEADER SETTINGS
|
||||||
|
# --------------------------------------------
|
||||||
REFERRER_POLICY=strict-origin
|
REFERRER_POLICY=strict-origin
|
||||||
|
DISABLE_CSP=false
|
||||||
|
|
||||||
|
|
||||||
# --------------------------------------------
|
# --------------------------------------------
|
||||||
|
|
|
@ -20,6 +20,7 @@ class Kernel extends HttpKernel
|
||||||
\App\Http\Middleware\FrameGuard::class,
|
\App\Http\Middleware\FrameGuard::class,
|
||||||
\App\Http\Middleware\XssProtectHeader::class,
|
\App\Http\Middleware\XssProtectHeader::class,
|
||||||
\App\Http\Middleware\ReferrerPolicyHeader::class,
|
\App\Http\Middleware\ReferrerPolicyHeader::class,
|
||||||
|
\App\Http\Middleware\ContentSecurityPolicyHeader::class,
|
||||||
\App\Http\Middleware\NosniffGuard::class,
|
\App\Http\Middleware\NosniffGuard::class,
|
||||||
\App\Http\Middleware\CheckForSetup::class,
|
\App\Http\Middleware\CheckForSetup::class,
|
||||||
\Fideloper\Proxy\TrustProxies::class,
|
\Fideloper\Proxy\TrustProxies::class,
|
||||||
|
|
35
app/Http/Middleware/ContentSecurityPolicyHeader.php
Normal file
35
app/Http/Middleware/ContentSecurityPolicyHeader.php
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
<?php
|
||||||
|
namespace App\Http\Middleware;
|
||||||
|
|
||||||
|
use Closure;
|
||||||
|
|
||||||
|
class ContentSecurityPolicyHeader
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Handle the given request and get the response.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @param \Closure $next
|
||||||
|
* @return \Illuminate\Http\Response
|
||||||
|
*/
|
||||||
|
public function handle($request, Closure $next)
|
||||||
|
{
|
||||||
|
if (config('app.disable_csp')=='true') {
|
||||||
|
$response = $next($request);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$policy[] = "default-src 'self'";
|
||||||
|
$policy[] = "style-src 'self' 'unsafe-inline' oss.maxcdn.com";
|
||||||
|
$policy[] = "script-src 'self' oss.mafxcdn.com cdnjs.cloudflare.com 'nonce-".csrf_token()."'";
|
||||||
|
$policy[] = "connect-src 'self'";
|
||||||
|
$policy[] = "object-src 'none'";
|
||||||
|
$policy[] = "font-src 'self' data:";
|
||||||
|
$policy[] = "img-src 'self' data: gravatar.com";
|
||||||
|
$policy = join(';', $policy);
|
||||||
|
|
||||||
|
$response = $next($request);
|
||||||
|
$response->headers->set('Content-Security-Policy', $policy);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
}
|
|
@ -169,6 +169,24 @@ return [
|
||||||
|
|
||||||
'referrer_policy' => env('REFERRER_POLICY', 'strict-origin'),
|
'referrer_policy' => env('REFERRER_POLICY', 'strict-origin'),
|
||||||
|
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| CSP
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| Disable the content security policy that restricts what scripts, images
|
||||||
|
| and styles can load. (This should be left as false if you don't know
|
||||||
|
| what this means.)
|
||||||
|
|
|
||||||
|
| Read more: https://www.w3.org/TR/CSP/
|
||||||
|
| Read more: https://content-security-policy.com
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
|
||||||
|
'disable_csp' => env('DISABLE_CSP', false),
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
@ -5,10 +5,12 @@
|
||||||
|
|
||||||
RewriteEngine On
|
RewriteEngine On
|
||||||
|
|
||||||
# Uncomment these two lines to force SSL redirect
|
# Uncomment these two lines to force SSL redirect in Apache
|
||||||
# RewriteCond %{HTTPS} off
|
# RewriteCond %{HTTPS} off
|
||||||
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Redirect Trailing Slashes If Not A Folder...
|
# Redirect Trailing Slashes If Not A Folder...
|
||||||
RewriteCond %{REQUEST_FILENAME} !-d
|
RewriteCond %{REQUEST_FILENAME} !-d
|
||||||
RewriteRule ^(.*)/$ /$1 [L,R=301]
|
RewriteRule ^(.*)/$ /$1 [L,R=301]
|
||||||
|
@ -21,4 +23,11 @@
|
||||||
# Handle Authorization Header
|
# Handle Authorization Header
|
||||||
RewriteCond %{HTTP:Authorization} .
|
RewriteCond %{HTTP:Authorization} .
|
||||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||||
|
|
||||||
|
# Security Headers
|
||||||
|
Header set Strict-Transport-Security "max-age=2592000" env=HTTPS
|
||||||
|
Header set X-XSS-Protection "1; mode=block"
|
||||||
|
Header set X-Content-Type-Options nosniff
|
||||||
|
Header set X-Permitted-Cross-Domain-Policies "master-only"
|
||||||
|
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
|
@ -94,7 +94,7 @@
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
|
|
||||||
<script src="{{ asset('js/signature_pad.min.js') }}"></script>
|
<script src="{{ asset('js/signature_pad.min.js') }}"></script>
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
var wrapper = document.getElementById("signature-pad"),
|
var wrapper = document.getElementById("signature-pad"),
|
||||||
clearButton = wrapper.querySelector("[data-action=clear]"),
|
clearButton = wrapper.querySelector("[data-action=clear]"),
|
||||||
saveButton = wrapper.querySelector("[data-action=save]"),
|
saveButton = wrapper.querySelector("[data-action=save]"),
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
new Vue({
|
new Vue({
|
||||||
el: "#app",
|
el: "#app",
|
||||||
});
|
});
|
||||||
|
|
|
@ -149,7 +149,7 @@
|
||||||
|
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
$( "a[name='Request']").click(function(event) {
|
$( "a[name='Request']").click(function(event) {
|
||||||
// event.preventDefault();
|
// event.preventDefault();
|
||||||
|
|
|
@ -58,7 +58,7 @@
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
@include ('partials.bootstrap-table', ['exportFile' => 'maintenances-export', 'search' => true])
|
@include ('partials.bootstrap-table', ['exportFile' => 'maintenances-export', 'search' => true])
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
function maintenanceActions(value, row) {
|
function maintenanceActions(value, row) {
|
||||||
var actions = '<nobr>';
|
var actions = '<nobr>';
|
||||||
if ((row) && (row.available_actions.update === true)) {
|
if ((row) && (row.available_actions.update === true)) {
|
||||||
|
|
|
@ -134,7 +134,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(document).ready(function(){
|
$(document).ready(function(){
|
||||||
|
|
||||||
// Only display the custom format field if it's a custom format validation type
|
// Only display the custom format field if it's a custom format validation type
|
||||||
|
|
|
@ -82,7 +82,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
var fixHelperModified = function(e, tr) {
|
var fixHelperModified = function(e, tr) {
|
||||||
var $originals = tr.children();
|
var $originals = tr.children();
|
||||||
var $helper = tr.clone();
|
var $helper = tr.clone();
|
||||||
|
|
|
@ -253,7 +253,7 @@
|
||||||
@endif
|
@endif
|
||||||
|
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -108,7 +108,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(function() {
|
$(function() {
|
||||||
$('#assigned_to').on("change",function () {
|
$('#assigned_to').on("change",function () {
|
||||||
// console.warn("Model Id has changed!");
|
// console.warn("Model Id has changed!");
|
||||||
|
|
|
@ -154,7 +154,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(function() {
|
$(function() {
|
||||||
$('#assigned_user').on("change",function () {
|
$('#assigned_user').on("change",function () {
|
||||||
var userid = $('#assigned_user option:selected').val();
|
var userid = $('#assigned_user option:selected').val();
|
||||||
|
|
|
@ -160,7 +160,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -190,7 +190,7 @@
|
||||||
@endif
|
@endif
|
||||||
|
|
||||||
</div></div></div>
|
</div></div></div>
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(document).ready(function(){
|
$(document).ready(function(){
|
||||||
|
|
||||||
$('#generate-password').pGenerator({
|
$('#generate-password').pGenerator({
|
||||||
|
|
|
@ -125,7 +125,7 @@
|
||||||
|
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
$("#audit-form").submit(function (event) {
|
$("#audit-form").submit(function (event) {
|
||||||
$('#audited-div').show();
|
$('#audited-div').show();
|
||||||
|
|
|
@ -703,7 +703,7 @@
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
@include ('partials.bootstrap-table', ['simple_view' => true])
|
@include ('partials.bootstrap-table', ['simple_view' => true])
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(document).delegate('*[data-toggle="lightbox"]', 'click', function(event) {
|
$(document).delegate('*[data-toggle="lightbox"]', 'click', function(event) {
|
||||||
event.preventDefault();
|
event.preventDefault();
|
||||||
$(this).ekkoLightbox();
|
$(this).ekkoLightbox();
|
||||||
|
|
|
@ -83,7 +83,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
new Vue({
|
new Vue({
|
||||||
el: '#app'
|
el: '#app'
|
||||||
});
|
});
|
||||||
|
|
|
@ -27,13 +27,13 @@
|
||||||
|
|
||||||
<meta name="csrf-token" content="{{ csrf_token() }}">
|
<meta name="csrf-token" content="{{ csrf_token() }}">
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
window.Laravel = { csrfToken: '{{ csrf_token() }}' };
|
window.Laravel = { csrfToken: '{{ csrf_token() }}' };
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<style>
|
<style nonce="{{ csrf_token() }}">
|
||||||
@if ($snipeSettings)
|
@if ($snipeSettings)
|
||||||
@if ($snipeSettings->header_color)
|
@if ($snipeSettings->header_color)
|
||||||
.main-header .navbar, .main-header .logo {
|
.main-header .navbar, .main-header .logo {
|
||||||
|
@ -70,7 +70,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
window.snipeit = {
|
window.snipeit = {
|
||||||
settings: {
|
settings: {
|
||||||
"per_page": {{ $snipeSettings->per_page }}
|
"per_page": {{ $snipeSettings->per_page }}
|
||||||
|
@ -662,7 +662,7 @@
|
||||||
|
|
||||||
|
|
||||||
<script src="{{ url(mix('js/dist/all.js')) }}"></script>
|
<script src="{{ url(mix('js/dist/all.js')) }}"></script>
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(function () {
|
$(function () {
|
||||||
var datepicker = $.fn.datepicker.noConflict(); // return $.fn.datepicker to previously assigned value
|
var datepicker = $.fn.datepicker.noConflict(); // return $.fn.datepicker to previously assigned value
|
||||||
$.fn.bootstrapDP = datepicker;
|
$.fn.bootstrapDP = datepicker;
|
||||||
|
@ -677,14 +677,14 @@
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
@show
|
@show
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(function () {
|
$(function () {
|
||||||
$('[data-toggle="tooltip"]').tooltip();
|
$('[data-toggle="tooltip"]').tooltip();
|
||||||
})
|
})
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
@if ((Session::get('topsearch')=='true') || (Request::is('/')))
|
@if ((Session::get('topsearch')=='true') || (Request::is('/')))
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$("#tagSearch").focus();
|
$("#tagSearch").focus();
|
||||||
</script>
|
</script>
|
||||||
@endif
|
@endif
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
window.snipeit = {
|
window.snipeit = {
|
||||||
settings: {
|
settings: {
|
||||||
"per_page": 20
|
"per_page": 20
|
||||||
|
@ -120,7 +120,7 @@
|
||||||
</div>
|
</div>
|
||||||
<script src="{{ url(mix('js/dist/all.js')) }}"></script>
|
<script src="{{ url(mix('js/dist/all.js')) }}"></script>
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(function () {
|
$(function () {
|
||||||
$(".select2").select2();
|
$(".select2").select2();
|
||||||
});
|
});
|
||||||
|
|
|
@ -62,7 +62,7 @@
|
||||||
|
|
||||||
@if (!$item->id)
|
@if (!$item->id)
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
var $eventSelect = $(".parent");
|
var $eventSelect = $(".parent");
|
||||||
$eventSelect.on("change", function () { parent_details($eventSelect.val()); });
|
$eventSelect.on("change", function () { parent_details($eventSelect.val()); });
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
|
|
||||||
<script src="/js/pGenerator.jquery.js"></script>
|
<script src="/js/pGenerator.jquery.js"></script>
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(document).ready(function () {
|
$(document).ready(function () {
|
||||||
|
|
||||||
$('#genPassword').pGenerator({
|
$('#genPassword').pGenerator({
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
<script src="{{ asset('js/extensions/toolbar/bootstrap-table-toolbar.js') }}"></script>
|
<script src="{{ asset('js/extensions/toolbar/bootstrap-table-toolbar.js') }}"></script>
|
||||||
@endif
|
@endif
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$('.snipe-table').bootstrapTable({
|
$('.snipe-table').bootstrapTable({
|
||||||
classes: 'table table-responsive table-no-bordered',
|
classes: 'table table-responsive table-no-bordered',
|
||||||
undefinedText: '',
|
undefinedText: '',
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
new Vue({
|
new Vue({
|
||||||
el: "#app",
|
el: "#app",
|
||||||
});
|
});
|
||||||
|
|
|
@ -146,7 +146,7 @@
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<!-- bootstrap color picker -->
|
<!-- bootstrap color picker -->
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
//color picker with addon
|
//color picker with addon
|
||||||
$(".header-color").colorpicker();
|
$(".header-color").colorpicker();
|
||||||
// toggle the disabled state of asset id prefix
|
// toggle the disabled state of asset id prefix
|
||||||
|
|
|
@ -199,7 +199,7 @@
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<!-- bootstrap color picker -->
|
<!-- bootstrap color picker -->
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
//color picker with addon
|
//color picker with addon
|
||||||
$(".header-color").colorpicker();
|
$(".header-color").colorpicker();
|
||||||
// toggle the disabled state of asset id prefix
|
// toggle the disabled state of asset id prefix
|
||||||
|
|
|
@ -372,7 +372,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$("#ldaptest").click(function(){
|
$("#ldaptest").click(function(){
|
||||||
$("#ldaptestrow").removeClass('success');
|
$("#ldaptestrow").removeClass('success');
|
||||||
$("#ldaptestrow").removeClass('danger');
|
$("#ldaptestrow").removeClass('danger');
|
||||||
|
|
|
@ -57,7 +57,7 @@
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<!-- bootstrap color picker -->
|
<!-- bootstrap color picker -->
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
//color picker with addon
|
//color picker with addon
|
||||||
$(".color").colorpicker();
|
$(".color").colorpicker();
|
||||||
</script>
|
</script>
|
||||||
|
|
|
@ -54,7 +54,7 @@
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
@include ('partials.bootstrap-table', ['exportFile' => 'statuslabels-export', 'search' => true])
|
@include ('partials.bootstrap-table', ['exportFile' => 'statuslabels-export', 'search' => true])
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
function colorSqFormatter(value, row) {
|
function colorSqFormatter(value, row) {
|
||||||
if (value) {
|
if (value) {
|
||||||
return '<span class="label" style="background-color: ' + value + ';"> </span> ' + value;
|
return '<span class="label" style="background-color: ' + value + ';"> </span> ' + value;
|
||||||
|
|
|
@ -553,7 +553,7 @@
|
||||||
@stop
|
@stop
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
|
|
||||||
$('#email').on('keyup',function(){
|
$('#email').on('keyup',function(){
|
||||||
|
@ -570,7 +570,7 @@ $(document).ready(function() {
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$('tr.header-row input:radio').click(function() {
|
$('tr.header-row input:radio').click(function() {
|
||||||
value = $(this).attr('value');
|
value = $(this).attr('value');
|
||||||
$(this).parent().parent().siblings().each(function() {
|
$(this).parent().parent().siblings().each(function() {
|
||||||
|
@ -585,7 +585,7 @@ $('.header-name').click(function() {
|
||||||
|
|
||||||
<script src="{{ asset('js/pGenerator.jquery.js') }}"></script>
|
<script src="{{ asset('js/pGenerator.jquery.js') }}"></script>
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
|
|
||||||
$(document).ready(function(){
|
$(document).ready(function(){
|
||||||
|
|
|
@ -86,7 +86,7 @@
|
||||||
'columns' => \App\Presenters\UserPresenter::dataTableLayout()
|
'columns' => \App\Presenters\UserPresenter::dataTableLayout()
|
||||||
])
|
])
|
||||||
|
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
|
|
||||||
function groupsFormatter(value) {
|
function groupsFormatter(value) {
|
||||||
|
|
||||||
|
|
|
@ -491,7 +491,7 @@
|
||||||
|
|
||||||
@section('moar_scripts')
|
@section('moar_scripts')
|
||||||
@include ('partials.bootstrap-table', ['simple_view' => true])
|
@include ('partials.bootstrap-table', ['simple_view' => true])
|
||||||
<script>
|
<script nonce="{{ csrf_token() }}">
|
||||||
$(function () {
|
$(function () {
|
||||||
//binds to onchange event of your input field
|
//binds to onchange event of your input field
|
||||||
var uploadedFileSize = 0;
|
var uploadedFileSize = 0;
|
||||||
|
|
Loading…
Reference in a new issue