[mythtv-firehose] mythtv branch master updated by stuartm. v0.28-pre-2485-g22736f9

Git Repo Owner noreply at mythtv.org
Thu Jan 15 15:44:58 UTC 2015


The branch, master has been updated on the
mythtv repository by gitolite user stuartm.
       via  22736f994a9562f21e575d2a058253f76b42b63a (commit)
      from  93f4b96128c454aac728301282259df6734eb771 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 22736f994a9562f21e575d2a058253f76b42b63a
Author:    Stuart Morgan <smorgan at mythtv.org> at Thu, 15 Jan 2015 12:43:36 +0000
Committer: Stuart Morgan <smorgan at mythtv.org> at Thu, 15 Jan 2015 14:35:04 +0000
URL:       http://code.mythtv.org/cgit/mythtv/commit/?id=22736f994a9562f21e575d2a058253f76b42b63a

WebFrontend: Add a restrictive Content-Security-Policy header

This adds an additional layer of protection to the WebFrontend against
most forms of XSS exploit by blocking ALL external content - scripts,
css, images, media etc.

Such a restrictive policy is fine for the WebFrontend as by design it
has to work on isolated networks, or even single machines with no
internet access.

For now, XHR connections to external hosts are still permitted as
that's the mechanism by which we trigger playback of a recording on a
remote frontend. This may be switched to an internal call at some point.

I've also moved setting of some response headers into the HTML server
extension as they aren't relevant to the wider HTTP server.



-----------------------------------------------------------------------

Summary of changes:
 mythtv/libs/libmythupnp/eventing.cpp    |   14 +++++-----
 mythtv/libs/libmythupnp/htmlserver.cpp  |   28 +++++++++++++++++++++
 mythtv/libs/libmythupnp/httprequest.cpp |   41 ++++++++++++++++--------------
 mythtv/libs/libmythupnp/httprequest.h   |    7 +++--
 mythtv/libs/libmythupnp/ssdp.cpp        |    2 +-
 mythtv/libs/libmythupnp/upnpcds.cpp     |    2 +-
 6 files changed, 63 insertions(+), 31 deletions(-)

-- 
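The policy shape the commit message describes (all content restricted to the serving origin, XHR left open to other hosts), worked through as an added example that is not MythTV's code. The header string, page origin and sample URLs are constructed assumptions, and source matching is simplified (no path or wildcard-subdomain matching).

```javascript
// Constructed policy modelling the commit message; an assumption, not MythTV's actual header.
const POLICY = "default-src 'self'; connect-src *";
// Hypothetical origin the WebFrontend page is served from.
const PAGE_ORIGIN = "http://mythfrontend.example:8080";
// Resource kind -> CSP fetch directive that governs it.
const DIRECTIVE_FOR = { script: "script-src", style: "style-src", image: "img-src",
                        media: "media-src", xhr: "connect-src" };

// Parse a header value into Map<directive, source expressions>.
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    // A repeated directive is ignored: the first occurrence wins.
    if (key && !policy.has(key)) policy.set(key, sources);
  }
  return policy;
}

// Does one source expression match the target URL?
function sourceMatches(src, target, pageOrigin) {
  if (src === "'self'") return target.origin === pageOrigin;
  // "*" covers network schemes only, so data: and blob: URLs do not match it.
  if (src === "*") return ["http:", "https:", "ws:", "wss:"].includes(target.protocol);
  if (src.startsWith("'")) return false;                 // 'none' and other keywords match no URL
  if (src.endsWith(":")) return target.protocol === src; // scheme source, e.g. https:
  try { return new URL(src.includes("://") ? src : `${target.protocol}//${src}`).origin === target.origin; }
  catch { return false; }
}

// url === null stands for inline content (an inline <script> or <style>).
function isAllowed(policy, pageOrigin, kind, url) {
  const directive = DIRECTIVE_FOR[kind];
  if (!directive) throw new Error(`unknown resource kind: ${kind}`);
  // Fetch directives fall back to default-src when not listed.
  const sources = policy.get(directive) ?? policy.get("default-src");
  if (sources === undefined) return true; // nothing governs this kind
  if (url === null) return sources.includes("'unsafe-inline'");
  return sources.some((src) => sourceMatches(src, new URL(url, pageOrigin), pageOrigin));
}

// Evaluate a list of [kind, url] loads and return one verdict per load.
function evaluate(header, pageOrigin, loads) {
  const policy = parseCsp(header);
  return loads.map(([kind, url]) => isAllowed(policy, pageOrigin, kind, url));
}

// Constructed loads: local script, external script, inline script, data: image, remote XHR.
const LOADS = [["script", "/js/app.js"], ["script", "http://cdn.example.net/lib.js"],
  ["script", null], ["image", "data:image/png;base64,AAAA"],
  ["xhr", "http://remote-frontend.example:8080/play"]];
console.log(evaluate(POLICY, PAGE_ORIGIN, LOADS));
```

Evaluating the same loads against `default-src 'self'` alone shows the remote XHR being refused as well, which is the effect of dropping the open `connect-src` once playback is triggered internally.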


