Skip to content

Commit f322798

Browse files
committed
Merge branch 'master' into release.24.10
# Conflicts: # package-lock.json
2 parents c897ade + d57b34b commit f322798

File tree

12 files changed

+1460
-3457
lines changed

12 files changed

+1460
-3457
lines changed

api/api.js

+2-2
Original file line numberDiff line numberDiff line change
@@ -109,8 +109,8 @@ plugins.connectToAllDatabases().then(function() {
109109
password_rotation: 3,
110110
password_autocomplete: true,
111111
robotstxt: "User-agent: *\nDisallow: /",
112-
dashboard_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nStrict-Transport-Security:max-age=31536000 ; includeSubDomains\nX-Content-Type-Options: nosniff",
113-
api_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nAccess-Control-Allow-Origin:*",
112+
dashboard_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nStrict-Transport-Security:max-age=31536000; includeSubDomains; preload\nX-Content-Type-Options: nosniff",
113+
api_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nStrict-Transport-Security:max-age=31536000; includeSubDomains; preload\nAccess-Control-Allow-Origin:*",
114114
dashboard_rate_limit_window: 60,
115115
dashboard_rate_limit_requests: 500,
116116
proxy_hostname: "",

bin/commands/scripts/apidocs.sh

+2
Original file line numberDiff line numberDiff line change
@@ -12,5 +12,7 @@ then
1212
elif [ "$1" = "generate" ]; then
1313
echo 'yes'
1414
echo "$DIR/../../../../plugins/"
15+
npm install apidoc;
16+
npm install apidoc-template;
1517
"$DIR/../../../node_modules/.bin/apidoc" -c "$DIR/../../../apidoc.json" -f "api/.*\\.js$" -i "$DIR/../../../plugins/" -o "$DIR/../../../frontend/express/public/apidoc/" -t "$DIR/../../../node_modules/apidoc-template/template/";
1618
fi

bin/commands/scripts/docs.sh

+1-1
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ elif [ "$1" = "generate" ]; then
2020
npx jsdoc "$DIR/../../../frontend/express/app.js" "$DIR/../../../frontend/express/config.sample.js" "$DIR/../../../frontend/express/version.info.js" "$DIR/../../../frontend/express/locale.conf.js" "$DIR/../../../frontend/express/libs/" -R "$DIR/../../../README.md" -c "$DIR/../../../jsdoc_conf.json" -d "$DIR/../../../frontend/express/public/docs/app" ;
2121

2222
#apidoc
23-
npx apidoc -i "$DIR/../../../" -o "$DIR/../../../frontend/express/public/docs/apidoc" -f ".*\\.js$" -e "node_modules" ;
23+
npm install apidoc; npm install apidoc-template; npx apidoc -i "$DIR/../../../" -o "$DIR/../../../frontend/express/public/docs/apidoc" -f ".*\\.js$" -e "node_modules" ;
2424

2525
#add redirect for main folder
2626
echo "<html><head><meta http-equiv='Refresh' content='0; url=./api/index.html'/><script type='javascript'>window.location = './api/index.html';</script></head></html>" > "$DIR/../../../frontend/express/public/docs/index.html"

frontend/express/app.js

+2-2
Original file line numberDiff line numberDiff line change
@@ -151,8 +151,8 @@ plugins.setConfigs("security", {
151151
password_rotation: 3,
152152
password_autocomplete: true,
153153
robotstxt: "User-agent: *\nDisallow: /",
154-
dashboard_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nStrict-Transport-Security:max-age=31536000 ; includeSubDomains\nX-Content-Type-Options: nosniff",
155-
api_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nAccess-Control-Allow-Origin:*",
154+
dashboard_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nStrict-Transport-Security:max-age=31536000; includeSubDomains; preload\nX-Content-Type-Options: nosniff",
155+
api_additional_headers: "X-Frame-Options:deny\nX-XSS-Protection:1; mode=block\nStrict-Transport-Security:max-age=31536000; includeSubDomains; preload\nAccess-Control-Allow-Origin:*",
156156
dashboard_rate_limit_window: 60,
157157
dashboard_rate_limit_requests: 500
158158
});
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
# If you would like to report a security issue with Countly Server, Countly SDKs
2+
# please get in touch via the below method
3+
Contact: mailto:[email protected]
4+
Expires: 2025-03-14T00:00:00.000Z
5+
Preferred-Languages: en
6+
Canonical: https://securitytxt.org/.well-known/security.txt
7+
Policy: https://countly.com/legal/privacy-policy

0 commit comments

Comments
 (0)