Skip to content

Commit 93296a0

Browse files
committed
Changed static nonce to request.getAttribute
1 parent b3d0693 commit 93296a0

39 files changed

Lines changed: 49 additions & 49 deletions

File tree

knowage/src/main/webapp/WEB-INF/jsp/commons/angular/sbiModule.jspf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
<%@page import="it.eng.spagobi.commons.constants.SpagoBIConstants"%>
88
<%@page import="it.eng.knowage.commons.utilities.urls.UrlBuilder"%>
99

10-
<script type="text/javascript" nonce="rAnd0m">
10+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
1111
var sbiM=angular.module('sbiModule',["toastr","ngSanitize","ngCookies"]);
1212

1313
// sbiM.config(function($mdThemingProvider) {

knowage/src/main/webapp/WEB-INF/jsp/commons/importSbiJS.jspf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -212,7 +212,7 @@ create-debug in ant-files/SpagoBI-2.x-source/SpagoBIProject/ant/build.xml must b
212212
<script type="text/javascript"
213213
src='<%=urlBuilder.getResourceLink(request, "/js/src/ext/sbi/execution/ExporterUtils.js")%>'></script>
214214

215-
<script type="text/javascript" nonce="rAnd0m">
215+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
216216
// Session parameters manager must be initialized
217217
document.onload = Sbi.execution.SessionParametersManager.init();
218218
</script>

knowage/src/main/webapp/WEB-INF/jsp/commons/includeMessageResource.jspf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121
<%@page import="it.eng.knowage.commons.utilities.LocalePropertiesUtilities"%>
2222

2323

24-
<script type="text/javascript" type="text/javascript" nonce="rAnd0m">
24+
<script type="text/javascript" type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
2525

2626
//Function that gets the properties file's content in an synchronous way
2727
getSynch=function(url, callback){

knowage/src/main/webapp/WEB-INF/jsp/commons/portlet_base.jsp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -374,6 +374,6 @@ commented by Davide Zerbetto on 12/10/2009: there are problems with MIF (Ext Man
374374
href='<%=urlBuilder.getResourceLink(request, "js/lib/ext-2.0.1/overrides/resources/css/"+extTheme)%>'
375375
type='text/css' />
376376

377-
<script type="text/javascript" nonce="rAnd0m">
377+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
378378
document.onselectstart = function() { return true; }
379379
</script>

knowage/src/main/webapp/WEB-INF/jsp/commons/portlet_base410.jsp

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -243,7 +243,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
243243
lang="<%=locale != null ? locale.getLanguage() : GeneralUtilities.getDefaultLocale().getLanguage()%>" style="overflow-x:hidden">
244244
<head>
245245
<title>Knowage</title>
246-
<script type="text/javascript" nonce="rAnd0m">
246+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
247247
//SERVICE WORKER REGISTRATION
248248
//if ('serviceWorker' in navigator) {
249249
// navigator.serviceWorker.register('../knowage-sw.js?version=' + "<%=it.eng.knowage.wapp.Version.getCompleteVersion()%>")
@@ -275,7 +275,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
275275
<![endif]-->
276276
<!--[if !IE]><!-->
277277
<body class="kn-main-body">
278-
<script type="text/javascript" nonce="rAnd0m">
278+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
279279
if (/*@cc_on!@*/false) {
280280
document.documentElement.className+=' ie10';
281281
}
@@ -286,7 +286,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
286286

287287

288288

289-
<script type="text/javascript" nonce="rAnd0m">
289+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
290290
291291
Sbi = new Object();
292292
Sbi.config = function () {
@@ -385,7 +385,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
385385
%>
386386

387387

388-
<script type="text/javascript" nonce="rAnd0m">
388+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
389389
document.onselectstart = function() { return true; }
390390
391391
var enableUIO = <%=enableUIO%>;
@@ -395,7 +395,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
395395
396396
</script>
397397

398-
<script type="text/javascript" nonce="rAnd0m">
398+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
399399
var PleaseRotateOptions = {
400400
message: "Please Rotate Your Device",
401401
subMessage: "For a better mobile experience",

knowage/src/main/webapp/WEB-INF/jsp/commons/preview.jsp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
6767

6868
<div id="myGrid" class="ag-theme-balham kn-preview-table-theme"></div>
6969

70-
<script type="text/javascript" nonce="rAnd0m" charset="utf-8">
70+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>" charset="utf-8">
7171
//GLOBAL VARIABLES
7272
const cookie = document.cookie.match(new RegExp('(^|)X-CSRF-TOKEN=([^;]+)'))[2];
7373
const MAX_ROWS_CLIENT_PAGINATION = <%= SingletonConfig.getInstance().getConfigValue("dataset.preview.clientpagination.maxrows") %>;

knowage/src/main/webapp/WEB-INF/jsp/commons/sessionExpired.jsp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ if (header != null && header.equals("Ext")) {
5252
--%>
5353

5454

55-
<script type="text/javascript" nonce="rAnd0m">
55+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
5656
var sessionExpiredSpagoBIJSFound = false;
5757
try {
5858
var currentWindow = window;

knowage/src/main/webapp/WEB-INF/jsp/engines/kpi/default/kpiinclusions/kpiDefaultHeaderForSpagoBI.jsp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
9292
<input type="hidden" id="targetDocumentParameters<%= uuid %>" name="<%= ObjectsTreeConstants.PARAMETERS %>" value="" />
9393
</form>
9494

95-
<script nonce="rAnd0m">
95+
<script nonce="<%= request.getAttribute("cspNonce") %>">
9696
function execCrossNavigation(windowName, label, parameters) {
9797
var uuid = "<%=uuid%>";
9898
document.getElementById('targetDocumentLabel' + uuid).value = label;

knowage/src/main/webapp/WEB-INF/jsp/internationalization/i18nAvailableLanguagesModule.jspf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ You should have received a copy of the GNU Affero General Public License
1515
along with this program. If not, see <http://www.gnu.org/licenses/>.
1616
--%>
1717

18-
<script type="text/javascript" nonce="rAnd0m">
18+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
1919

2020
(function () {
2121
angular.module('i18nAvailableLanguagesModule', []);

knowage/src/main/webapp/WEB-INF/jsp/internationalization/i18nAvailableLanguagesService.jspf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
6767
i18nAvailableLanguages.put("languages", langs);
6868
%>
6969

70-
<script type="text/javascript" nonce="rAnd0m">
70+
<script type="text/javascript" nonce="<%= request.getAttribute("cspNonce") %>">
7171
(function () {
7272
angular.module('i18nAvailableLanguagesModule')
7373
.factory('i18nAvailableLanguagesService', function(){

0 commit comments

Comments
 (0)