Merge remote-tracking branch 'origin/develop'

2024-11-09 23:24:06 -08:00 · 2024-05-20 11:22:34 +01:00 · 2024-05-20 11:22:34 +01:00 · cc0f2d7074
parent 0d4f13219b a820f248c8
commit cc0f2d7074
7 changed files with 16 additions and 7 deletions
--- a/.env.example
+++ b/.env.example
@ -96,6 +96,7 @@ APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
+ADDITIONAL_CSP_URLS=null
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false

--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@ -72,7 +72,7 @@ class ProfileController extends Controller


        if ($user->save()) {
-            return redirect()->route('profile')->with('success', 'Account successfully updated');
+            return redirect()->route('profile')->with('success', trans('account.general.profile_updated'));
        }

        return redirect()->back()->withInput()->withErrors($user->getErrors());
--- a/app/Http/Middleware/SecurityHeaders.php
+++ b/app/Http/Middleware/SecurityHeaders.php
@ -88,13 +88,13 @@ class SecurityHeaders
            $csp_policy[] = "connect-src 'self'";
            $csp_policy[] = "object-src 'none'";
            $csp_policy[] = "font-src 'self' data:";
-            $csp_policy[] = "img-src 'self' data: ".config('app.url').' '.env('PUBLIC_AWS_URL').' https://secure.gravatar.com http://gravatar.com maps.google.com maps.gstatic.com *.googleapis.com';
+            $csp_policy[] = "img-src 'self' data: ".config('app.url').' '.config('app.additional_csp_urls').' '.env('PUBLIC_AWS_URL').' https://secure.gravatar.com http://gravatar.com maps.google.com maps.gstatic.com *.googleapis.com';
 	          
            if (config('filesystems.disks.public.driver') == 's3') {
               $csp_policy[] = "img-src 'self' data:  ".config('filesystems.disks.public.url');
            }
            $csp_policy = join(';', $csp_policy);
-           
+
            $response->headers->set('Content-Security-Policy', $csp_policy);
        }

--- a/config/app.php
+++ b/config/app.php
@ -201,6 +201,9 @@ return [

    'enable_csp' => env('ENABLE_CSP', true),

+    'additional_csp_urls' => env('ADDITIONAL_CSP_URLS', ''),
+
+

    /*
    |--------------------------------------------------------------------------
--- a/resources/lang/en-US/account/general.php
+++ b/resources/lang/en-US/account/general.php
@ -9,4 +9,5 @@ return array(
    'api_token_expiration_time' => 'API tokens are set to expire in:',
    'api_reference' => 'Please check the <a href="https://snipe-it.readme.io/reference" target="_blank">API reference</a> to
                    find specific API endpoints and additional API documentation.',
+    'profile_updated' => 'Account successfully updated',
 );
--- a/resources/lang/en-US/table.php
+++ b/resources/lang/en-US/table.php
@ -2,9 +2,10 @@

 return array(

-    'actions'	 	=> 'Actions',
-    'action' 		=> 'Action',
-    'by'      		=> 'By',
-    'item' 			=> 'Item',
+    'actions'	 	        => 'Actions',
+    'action' 		        => 'Action',
+    'by'      		        => 'By',
+    'item' 			        => 'Item',
+    'no_matching_records'   => 'No matching records found',

 );
--- a/resources/views/partials/bootstrap-table.blade.php
+++ b/resources/views/partials/bootstrap-table.blade.php
@ -92,6 +92,9 @@
            exportTypes: ['xlsx', 'excel', 'csv', 'pdf','json', 'xml', 'txt', 'sql', 'doc' ],
            onLoadSuccess: function () {
                $('[data-tooltip="true"]').tooltip(); // Needed to attach tooltips after ajax call
+            },
+            formatNoMatches: function () {
+                return '{{ trans('table.no_matching_records') }}';
            }

            });