Rivoreo Source Code Repositories
src.rivoreo.one / gitiles / 34d50084e091513ce2f2a72cfd560eff99207ec5
commit34d50084e091513ce2f2a72cfd560eff99207ec5[log] [download]
authorKamil Musin <kamilm@google.com>Fri Dec 09 15:48:47 2022 +0100
committerKamil Musin <kamilm@google.com>Mon Dec 12 11:16:13 2022 +0100
tree59a7b678f5cb7d4813667f7f97f2202ebe397185
parentb07bdd9003b7a549fda5c913773d93861a4f545e [diff]
Provide csp_nonce to Soy Templates

The CSP nonce is only provided if available. If a filter is installed
that attaches "nonce" attribute to request. For example in google
deployment of gerrit we have such filter that sets nonce on all requests
before they are processed by a servelet.

CSP helps protects sites from XSS attacks. On Google hosts we set CSP
headers that require all script elements to be accompanied by nonce (per
request generated random string). Soy templates have a built in support
for attaching nonce, as long as the value is provided using Inject Data
mechanism.

Google-Bud-Id: b/33429040
Release-Notes: skip
Change-Id: Ifa3a07b8c77918a8a4ab48775b68e4f3b39bd3cb
2 files changed
tree: 59a7b678f5cb7d4813667f7f97f2202ebe397185
  1. .bazelrc
  2. .bazelversion
  3. .gitignore
  4. .gitmodules
  5. .mailmap
  6. .settings/
  7. BUILD
  8. COPYING
  9. Documentation/
  10. README.md
  11. WORKSPACE
  12. fake_pom_deploy.xml
  13. fake_pom_install.xmlfake_pom_deploy.xml
  14. java/com/google/gitiles/
  15. javatests/com/google/gitiles/
  16. lib/
  17. modules/
  18. navbar.md
  19. resources/
  20. tools/
  21. version.bzl
README.md

Gitiles - A simple JGit repository browser

Gitiles is a simple repository browser for Git repositories, built on JGit. Its guiding principle is simplicity: it has no formal access controls, no write access, no fancy Javascript, etc.

Gitiles automatically renders *.md Markdown files into HTML for simplified documentation. Refer to the Markdown documentation for details.

Configuration

Gitiles is configurable in a git-style configuration file named gitiles.config. Refer to the configuration documentation for details.

Bugs

Use the issue tracker at github to file bugs.

Contributing to Gitiles

Please refer to the Developer Guide.