Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity

Merged v4.3.3 into main

Browse source 
v4.3.3
This commit is contained in:
Daniel Lockyer 2021-04-29 12:14:39 +01:00
commit 15ecfd471b
No known key found for this signature in database
GPG key ID: FFBC6FA2A6F6ABC1
7 changed files with 3 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -123,7 +123,6 @@ test/coverage
# Built asset files
/core/built
/core/server/web/admin/views/*.html
!/core/server/web/admin/views/preview.html
/core/server/public/ghost.min.css
# Caddyfile - for local development with ssl + caddy

2
core/client

@ -1 +1 @@
Subproject commit 87e700fe355b8acb5a2425aa465654baf51d24e3
Subproject commit 5fb87eb6326a18dfaffd2cb1cb36156b5af5b523

1
core/server/services/auth/api-key/admin.js
View file

@ -164,6 +164,7 @@ const authenticateWithToken = async (req, res, next, {token, JWT_OPTIONS}) => {
req.user = user;
next();
return;
}
// store the api key on the request for later checks and logging

3
core/server/web/admin/app.js
View file

@ -6,14 +6,11 @@ const constants = require('@tryghost/constants');
const urlUtils = require('../../../shared/url-utils');
const shared = require('../shared');
const adminMiddleware = require('./middleware');
const preview = require('./preview');
module.exports = function setupAdminApp() {
debug('Admin setup start');
const adminApp = express('admin');
adminApp.use('/preview', preview);
// Admin assets
// @TODO ensure this gets a local 404 error handler
const configMaxAge = config.get('caching:admin:maxAge');

15
core/server/web/admin/preview.js
View file

@ -1,15 +0,0 @@
const path = require('path');
const config = require('../../../shared/config');
function servePreview(req, res, next) {
if (req.path === '/') {
const templatePath = path.resolve(config.get('paths').adminViews, 'preview.html');
return res.sendFile(templatePath);
}
next();
}
module.exports = [
servePreview
];

53
core/server/web/admin/views/preview.html
View file

@ -1,53 +0,0 @@
<script type="text/javascript" charset="utf-8">
(function(){
function onReceive(message) {
// If we're not using IE, or HTTPS we can use document.write
if ((window.location.protocol === 'http:') || !navigator.userAgent.match(/MSIE|rv:11/i)) {
document.write(message.data);
document.close();
return;
}
// In all other cases document.write() is blocked in callbacks - process the HTML instead
// We also have to individually add <script> tags back in - same as when using unsafeHTML in react
var domParser = new DOMParser();
var html = domParser.parseFromString(message.data, 'text/html');
document.getElementsByTagName('head')[0].innerHTML = html.getElementsByTagName('head')[0].innerHTML;
document.getElementsByTagName('body')[0].innerHTML = html.getElementsByTagName('body')[0].innerHTML;
var allScripts = document.getElementsByTagName('script');
if (allScripts.length > 0) {
var scripts = [];
for (var i = 0; i < allScripts.length; i++) {
scripts.push(allScripts[i]);
}
for (var i = 0; i < scripts.length; i++) {
var s = document.createElement('script');
s.innerHTML = scripts[i].innerHTML;
scripts[i].parentNode.appendChild(s);
scripts[i].parentNode.removeChild(scripts[i]);
}
}
}
if (window.addEventListener){
addEventListener("message", onReceive, true);
} else {
attachEvent("onmessage", onReceive);
}
top.postMessage('loaded', "*");
})();
(function(XMLHttpRequest){
if (!XMLHttpRequest || !XMLHttpRequest.prototype) return;
var noXHR = function() {
if (console) {
console.error('Not Permitted');
}
};
XMLHttpRequest.prototype.open = XMLHttpRequest.prototype.send = noXHR;
})(this.XMLHttpRequest);
</script>

2
package.json
View file

@ -1,6 +1,6 @@
{
"name": "ghost",
"version": "4.3.2",
"version": "4.3.3",
"description": "The professional publishing platform",
"author": "Ghost Foundation",
"homepage": "https://ghost.org",