| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When I originally wrote CSP into the webui files, I intended to drop it
into the HTML file so it could be removed from bmcweb. Unfortunately,
that plan doesn't fly, as the CSP headers in bmcweb need to remain for
non-html files.
This normally wouldn't matter, but a number of people utilize
BMCWEB_INSECURE_DISABLE_XSS_PREVENTION to run the webui locally and
debug a new webui patch from a working BMC. This causes the CSP headers
to conflict, and the browser to fail with a CSP error on connect-src
when debugging locally.
Removing the CSP section entirely from the webui resolves this, and
doesn't change functionality at all, as it's still covered in bmcweb.
Tested: Will verify on a real platform.
Verified that building the webui locally with the above bmcweb flag
allows the webui to launch correctly.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I60e5011361ec3ce1930249a20cf34480beb48a7f
|
|
|
|
|
|
|
|
|
|
| |
This will fix Safari console errors for WebSocket connections.
This fix is dependent on
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/24610
Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: I54987124037c206773bbc4ee690f854bfae8fa19
|
|
|
|
|
|
|
|
|
|
| |
Add 'connect-src' directive to Content Security Policy to allow
WebSocket connection.
Added additional error handling when Websocket connection
refused.
Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: I83cfaa0b314099aea57ee7f2be75a0658462b2a9
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While we don't really officially support IE, it would be nice if
_most_ non-complicated things actually worked. Given where
transpilation is, and the fact that we already have webpack, this isn't
actually that riddiculous of an idea.
using babel was the intent with the original webpack stuff, but it turns out
babel-loader wasn't pulling in the babelrc properly when it was in the
root dir, so babel wasn't actually transpiling anything properly.
Functionally, this commit does 3 things:
1. Fixes the published Accepts header, as the ajax call confuses IE if
it doesn't have an encoding.
2. Includes core-js, to allow us to not really have to worry about
javascript features that aren't present in a given browser.
4. Includes the config to support all browsers with > 0.25% market
share, which should keep us compatible with most stuff.
Requires a patch to bmcweb for the updated charset header, as we didn't
handle that properly previously.
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/24063
Tested:
Loaded the bmcweb patch.
Started the webui in IE11 with the console open. Observed that webui
launches and logs in properly with no errors on the console.
Opened the webui in chrome to verify that nothing was broken. Appears
working as it was before.
Measured the pre-rootfs size before and after this patchset. It
adds 36KB to the final package size. (404KB to 440KB). For supporting
IE11 (and probably other browsers) I think this is well worth the cost.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Change-Id: Ie402e3296deede466a7a05726ebd7a18bead0b80
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patchset will create consistent button styling according
to the styleguide and remove redundant button styles by creating
reusable button classes.
This patchset also implements a consistent strategy for including
icon assets. Currently, svg icons are imported as CSS background
images or inlined into the markup. Inlining an svg is preferred,
especially when used with buttons or links so the colors can
be easily changed for different states (hover, focus, disabled)
without having to request variants.
The icon provider allows us to inline svgs without cluttering
the markup. Webpack config was adjusted to use svg-inline-loader
when resolving svgs that are used by the icon provider directive.
- All svgs were optimized to remove unncessary information.
- Removed unused svg color variants
- Moved icons used by icon provider to separate directory to
avoid Webpack parsing the files twice
- Small changes to navigation icons
Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: I1ca214b74fc502e6b6e760cfee88b48110237c43
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patchset adds the infrastructure to allow KVM sessions
through the webui. A websocket capable VNC/RFB connection
on the BMC is needed for KVM sessions.
To access, navigate to Server control -> KVM.
Tested: Ran obmc-ikvm on the BMC, added a KVM Handler to
Phosphor Rest Server, and was able to establish a
KVM session in the webui on a Witherspoon.
Change-Id: I7dda5bec41d270ae8d0913697714d4df4ec3a257
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Webpack allows us to define a content security policy that utilizes
hashes to define what is, and isn't allowed to execute in the page
context. Because we're a single page application, this means that we
can effectively defend the whole page with a few extra lines of setup.
This does not utilitize _any_ of the unsafe-* calls that content
security policy has, which should meet security standards for all uses.
Tested By:
Launched GUI, observed no functional changes, and watched console for
CSP errors. Saw none.
Change-Id: I892df1f1b004384943be0ae6e51046054991fd45
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit moves us to the latest versions of all the packages we use.
For the bitbake build to succeed, it requires the patchset here to be
merged. Details on why are available on that commit.
https://gerrit.openbmc-project.xyz/#/c/openbmc/openbmc/+/12561/2//COMMIT_MSG@10
This upgrade of webpack is done to decrease our size on flash, and to
increase the load time of the webui. In my basic testing, this
patchset decreases the webui load time (to the login page) by about
40% and significnatly reduces the load on the bmc. This is because
the entire page is loaded in a single request.
This should also save some runtime memory on the BMC as well, as the
webui route is now greatly decreased. Basic testing shows that we have
gone from 1188KB of pre-squashfs flash used to down to 456KB.
Change-Id: I5992f2808978ee0e6b00196b030f7b122cac20d9
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
|
|
|
|
|
| |
Found using sonar scanner.
Change-Id: I7ca70f2d13a8adfeebfee2b727ffed7c118a89bc
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes github bug openbmc/openbmc#2871
Turn on uglification again. It turns out, we only had one issue
preventing the UI from starting when running in uglified mode. This
patchset fixes the issue, and reenables uglification.
This patchset drops our gzip compressed payload size by about 50K (about
14%). While it doesn't seem like a lot now, it increases our ability
to scale the javascript payloads going forward.
Change-Id: I0744687203a9db0f4b26d1e1d2f4e3bdb4a52f78
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
|
|
|
|
|
|
| |
Once merged, this repository will have CI enforce
the coding guidelines in the .clang-format file.
Change-Id: I96a05972665f9c67625c6850c3da25edc540be06
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Found this pointer on stackoverflow:
https://stackoverflow.com/a/31660434/5508494
End goal is to get the code formatted well enough that
clang format will run correctly against it.
Change-Id: I80053e78d253d8eee49233e42d55e5807ae8fdc8
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
|
|
|
|
|
|
| |
The Uglifying build error is 2871 not 2781.
https://github.com/openbmc/openbmc/issues/2871
Change-Id: I84dedc50c1cc2f45a04eacd1d83cd43bd2a7230f
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes uglifyJs invalid assignment.
Before we were using the uglifyjs-webpack-plugin ^0.4.6 coming
from webpack.
Took from
https://github.com/webpack-contrib/uglifyjs-webpack-plugin/issues/187
Resolves openbmc/openbmc#3200
Change-Id: I29907caeeb49122cdddf6e6793070671a4525231
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The javascript in this repository isn't currently compatible with
the name mangling done by the uglifier plugin (it causes unknown
provider errors).
This commit can be reverted when it is fixed.
Change-Id: I1589e2ba392aec7b321b9816475613215836c47d
Signed-off-by: Matt Spinler <spinler@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
| |
The current repo doesn't seem to produce a favicon, so having the
reference to it produces either a 404 error or a 401 error depending on
the server. Add a transparent favicon until someone can cobble
together a proper one from the openbmc SVG files
Change-Id: I5a79be5982e164a8ae0b28a69f673129c0a959ba
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
1. Move from gulp server to webpack. This allows the proper
compression to allow the webui to be embedded in the BMC.
2. Update js paths to use requires, not hardcoded paths. This was
required to make the packaging work correctly.
3. Add babel config to do translation.
4. Update angularjs directive calls to use the angular 1.6 syntax for
promises intead of success and fail.
https://docs.angularjs.org/guide/migration#migrate1.5to1.6-ng-services-$http
5. As a consequence of using NPM/webpack, the versions of angular and
associated modules that were checked in have been updated.
Change-Id: Icb71e2eedb0d9a8943fc914f9dc4be11d0983c00
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|