Age | Commit message (Collapse) | Author |
|
more than once in different locations, depending on what services are configured on a node (#3612)
Change-Id: Iff064d3d67baa132fb5198fea741522ab4e71770
|
|
|
|
|
|
Change-Id: Ia4e36e9cb2b37172a148c209c5c07b9eca59d89e
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: Ia35cf7a9fc1d0fad6a57bbae73968ab6b8f0c847
|
|
. create a soledad::common class
. leap-mx now only needs to include soledad-common
. move the site_apt::preferences::twisted to a preferences block inside the soledad server class
. make sure that the packages are doing 'ensure => latest' instead of installed
Change-Id: Ifa978e831cdc8835666b27322a6e068d67251f5d
|
|
Change-Id: I341628d0f36225ce49ae301246e7c152553efcae
|
|
|
|
|
|
|
|
|
|
|
|
|
|
You can either ensure assume-unchanged or ensure those changes are tracked.
Used to keep the git status clean.
|
|
Git normally tracks the dummy files we replace with symlinks. So we tell it to ignore these changes on deploy.
|
|
|
|
|
|
|
|
cases when shorewall doesn't properly come up, ensuring that it fails safe (#3339)
Change-Id: Id4f0bf6cf25f420aa2ad67635b37ae95f54e3d38
|
|
Change-Id: Idd413349ec0b99835a1cbb4fb4c4fcef1a8fdeab
|
|
|
|
The LEAP web application can be displayed inside other pages using an HTML
iframe. Therefore, an attacker can embed parts of the LEAP application inside
of a webpage they control. They can then use special style properties to
disguise the embedded page. By tricking a user in to clicking in the iframe, the
attacker can coerce the user in to performing unintended actions within the LEAP
web application.
An attacker creates a website that embeds the LEAP web application in an iframe.
They then create an HTML /JavaScript game on the same page that involves
clicking and dragging sprites. When a user plays the game, they are in fact
dragging new text values in to the ‘‘Change Password’’ form in the LEAP web app,
which is hidden behind the game using
As long as iframe embedding is not required in the normal usage of the
application, the X-Frame-Options header should be added to prevent browsers from
displaying the web application in frames on other origins.
This has also been set in the webapp
Change-Id: I9e26ae32de4b7b6a327196838d0fa410648f107d
|
|
. Disable ServerSignature
. Set ServerTokens Prod
. unset the X-Powered-By and X-Runtime apache headers
Change-Id: Iddb2cb9a0465bc7f657581adaacbbf748479fd7a
|
|
Change-Id: Icad17de812392d7c587e5bcbf60cd5242c1241e9
|
|
Change-Id: I474cc691fcfc892b7aff4a3a0e3954155bf5ee30
|
|
This reverts commit 8c038fea91adc87adf9e408c16e2f0ec9838e3d2.
|
|
backport twisted 13. In order to install the backported dependencies we need an apt preferences_snippet installed for the backported twisted packages
Change-Id: I886bb735eeb3abe7955c7cf054b749554ab84746
|
|
requires this to start. Closes: #3474
Change-Id: I921dcf0d6571cd60d2705ae4925d0a4318c84fa2
|
|
|
|
made to create databases or add users as these would fail otherwise. Closes: #3466
Change-Id: Ifa8b3da5858ce858fd319c4a659e70d20a65d3e0
|
|
Change-Id: Ib6458b962c624fdb75f514dbd4c2129581fc2bb7
|
|
Change-Id: I20a6ecc43e36fc1e8416c46f7e4d14726995d2f2
|
|
squashed commits:
site_squid_deb_proxy::client: include shorewall::rules::mdns for avahi discovery
added submodule squid_deb_proxy from git://code.leap.se/puppet_squid_deb_proxy
updated submodule squid_deb_proxy
use squid_deb_proxy::client
|
|
made to create databases or add users as these would fail otherwise. Closes: #3466
Change-Id: Ifa8b3da5858ce858fd319c4a659e70d20a65d3e0
|
|
Change-Id: Ib6458b962c624fdb75f514dbd4c2129581fc2bb7
|
|
|
|
Change-Id: I923f15de807f907d6246c3a83df1e59c39d4e920
|
|
node, if it is not, it will fail to compile
this requires a newer leap_cli, so I've bumped the compatibility requirement
Change-Id: Ie1061798d058087126163793b216dd5938eb95a6
|
|
soledad), so fix the port to be the local couchdb port.
In the future, we may want to separate them out.
There is no need to do haproxy with soledad, because the client is supposed to
try a different soledad node if it can't connect
Change-Id: I87e2c5079ba361634336316721c4358a0917fb09
|
|
work-around, use the couchdb admin/passwd
Change-Id: Ibb1cd8416d00552f8ca1716e42a08137a4b461aa
|
|
|
|
|
|
|
|
|
|
|