From 269df7b6e1999c24e6cd77520181a2a7ce729b11 Mon Sep 17 00:00:00 2001
From: Adrian Maraj <adrian.maraj@yahoo.de>
Date: Mon, 29 Apr 2024 13:09:54 +0200
Subject: [PATCH] changes so that you can ignore the sri while developing

---
 config/generic.json.sample         |  1 +
 website/web/__init__.py            |  6 +++++-
 website/web/sri.txt                |  1 +
 website/web/templates/capture.html |  2 +-
 website/web/templates/index.html   |  2 +-
 website/web/templates/main.html    | 12 ++++++------
 website/web/templates/search.html  |  2 +-
 website/web/templates/stats.html   |  6 +++---
 website/web/templates/tree.html    |  4 ++--
 9 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/config/generic.json.sample b/config/generic.json.sample
index a2db28d..09280ee 100644
--- a/config/generic.json.sample
+++ b/config/generic.json.sample
@@ -13,6 +13,7 @@
     "days": 0,
     "hours": 0
   },
+  "enable_ignore_sri": false,
   "async_capture_processes": 1,
   "use_user_agents_users": false,
   "enable_default_blur_screenshot": false,
diff --git a/website/web/__init__.py b/website/web/__init__.py
index 0bd8158..128930f 100644
--- a/website/web/__init__.py
+++ b/website/web/__init__.py
@@ -135,6 +135,7 @@ blur_screenshot = get_config('generic', 'enable_default_blur_screenshot')
 
 use_own_ua = get_config('generic', 'use_user_agents_users')
 enable_mail_notification = get_config('generic', 'enable_mail_notification')
+enable_ignore_sri = get_config('generic', 'enable_ignore_sri')
 if enable_mail_notification:
     confirm_message = get_config('generic', 'email').get('confirm_message')
 else:
@@ -178,8 +179,10 @@ app.jinja_env.globals.update(month_name=month_name)
 
 
 def get_sri(directory: str, filename: str) -> str:
+    if enable_ignore_sri:
+        return ""
     sha512 = sri_load()[directory][filename]
-    return f'sha512-{sha512}'
+    return f'integrity=sha512-{sha512}'
 
 
 app.jinja_env.globals.update(get_sri=get_sri)
@@ -1173,6 +1176,7 @@ def tree(tree_uuid: str, node_uuid: str | None=None) -> Response | str | Werkzeu
                                screenshot_size=screenshot_size,
                                meta=meta, enable_mail_notification=enable_mail_notification,
                                enable_monitoring=lookyloo.monitoring_enabled,
+                               ignore_sri_enable=enable_ignore_sri,
                                monitoring_settings=lookyloo.monitoring_settings if lookyloo.monitoring_enabled else None,
                                monitoring_collections=monitoring_collections if lookyloo.monitoring_enabled else [],
                                enable_context_by_users=enable_context_by_users,
diff --git a/website/web/sri.txt b/website/web/sri.txt
index ae12e5e..0b44db0 100644
--- a/website/web/sri.txt
+++ b/website/web/sri.txt
@@ -22,6 +22,7 @@
     "generic.css": "Sh/BcxFMLYYaLdCluVt9efGvJ9CF5d+YJ7lkL2M24PRGu8VZHI9lJiUlFObIocjQgwss3Ve2U5cUAE5WiAdpQQ==",
     "generic.js": "h2tLqpn8r1mZ/5FqiBDK6Er6mY5MdRuyir2mS9piT8VUUco2daxdKWSkiEtIsH2Ok+/W+NJb95A1ob5J/6sW4A==",
     "html.png": "T7pZrb8MMDsA/JV/51hu+TOglTqlxySuEVY0rpDjTuAEyhzk2v+W4kYrj7vX+Tp3n2d2lvVD08PwhCG62Yfbzg==",
+    "html2canvas.min.js": "BNaRQnYJYiPSqHHDb58B0yaPfCu+Wgds8Gp/gU33kqBtgNS4tSPHuGibyoeqMV/TJlSKda6FXzoEyYGjTe+vXA==",
     "ifr.png": "rI5YJypmz1QcULRf9UaOYSqV4tPUSxUdLAycoYzCwywt4Pw4eWzBg9SUr769VyIimoiIyJR+aNuoIA4p5WO2fQ==",
     "img.png": "bknBlmIfSb9qv9/lSaJ2idn2a8bDyvJ2pATj4oOpehRlCdXlWYOyb2jN3wV1QGHFoqyxNqOv5MfCpI0tbqkicg==",
     "index.css": "2hAsQwCClHQ7b6VthbKYIkUPam4Ef6wbSxa3+nK0UuqCHezvPMr3aqpz16gD0lyYop55VEd/dhzZJLA4WMAplQ==",
diff --git a/website/web/templates/capture.html b/website/web/templates/capture.html
index ecf9f36..a4e6db2 100644
--- a/website/web/templates/capture.html
+++ b/website/web/templates/capture.html
@@ -375,7 +375,7 @@
 {% block scripts %}
   {{ super() }}
   <script src='{{ url_for('static', filename='capture.js') }}'
-          integrity="{{get_sri('static', 'capture.js')}}"
+          {{get_sri('static', 'capture.js')}}
           crossorigin="anonymous"></script>
   <script>
   $('#nav-url-tab').on('click', function(e) {
diff --git a/website/web/templates/index.html b/website/web/templates/index.html
index a9ee30f..7b3f30f 100644
--- a/website/web/templates/index.html
+++ b/website/web/templates/index.html
@@ -51,7 +51,7 @@ $(document).ready(function () {
 {% block styles %}
 {{ super() }}
 <link rel="stylesheet" href="{{ url_for('static', filename='index.css') }}"
-      integrity="{{get_sri('static', 'index.css')}}"
+      {{get_sri('static', 'index.css')}}
       crossorigin="anonymous">
 {% endblock %}
 
diff --git a/website/web/templates/main.html b/website/web/templates/main.html
index 375144e..4c23c03 100644
--- a/website/web/templates/main.html
+++ b/website/web/templates/main.html
@@ -6,17 +6,17 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
     <link rel="shortcut icon" href="{{ url_for('static', filename='favicon.ico') }}"
-          integrity="{{get_sri('static', 'favicon.ico')}}"
+          {{get_sri('static', 'favicon.ico')}}
           crossorigin="anonymous">
 
     {% block styles %}
     <!-- Bootstrap CSS -->
     {{ bootstrap.load_css() }}
     <link rel="stylesheet" href="{{ url_for('static', filename='generic.css') }}"
-          integrity="{{get_sri('static', 'generic.css')}}"
+          {{get_sri('static', 'generic.css')}}
           crossorigin="anonymous">
     <link rel="stylesheet" href="{{ url_for('static', filename='datatables.min.css') }}"
-          integrity="{{get_sri('static', 'datatables.min.css')}}"
+          {{get_sri('static', 'datatables.min.css')}}
           crossorigin="anonymous">
     {% endblock %}
 
@@ -36,13 +36,13 @@
     <!-- Optional JavaScript -->
     {{ bootstrap.load_js() }}
     <script src='{{ url_for('static', filename='jquery.min.js') }}'
-            integrity="{{get_sri('static', 'jquery.min.js')}}"
+            {{get_sri('static', 'jquery.min.js')}}
             crossorigin="anonymous"></script>
     <script src='{{ url_for('static', filename='datatables.min.js') }}'
-            integrity="{{get_sri('static', 'datatables.min.js')}}"
+            {{get_sri('static', 'datatables.min.js')}}
             crossorigin="anonymous"></script>
     <script src='{{ url_for('static', filename='generic.js') }}'
-            integrity="{{get_sri('static', 'generic.js')}}"
+            {{get_sri('static', 'generic.js')}}
             crossorigin="anonymous"></script>
     {% endblock %}
   </body>
diff --git a/website/web/templates/search.html b/website/web/templates/search.html
index 3666fed..a4738e2 100644
--- a/website/web/templates/search.html
+++ b/website/web/templates/search.html
@@ -62,6 +62,6 @@
 {% block scripts %}
   {{ super() }}
   <script src='{{ url_for('static', filename='capture.js') }}'
-          integrity="{{get_sri('static', 'capture.js')}}"
+          {{get_sri('static', 'capture.js')}}
           crossorigin="anonymous"></script>
 {% endblock %}
diff --git a/website/web/templates/stats.html b/website/web/templates/stats.html
index b7ac2e5..b42617e 100644
--- a/website/web/templates/stats.html
+++ b/website/web/templates/stats.html
@@ -70,16 +70,16 @@
 {% block scripts %}
 {{ super() }}
 <script src='{{ url_for('static', filename='d3.min.js') }}'
-        integrity="{{get_sri('static', 'd3.min.js')}}"
+        {{get_sri('static', 'd3.min.js')}}
         crossorigin="anonymous"></script>
 <script src='{{ url_for('static', filename='stats_graph.js') }}'
-        integrity="{{get_sri('static', 'stats_graph.js')}}"
+        {{get_sri('static', 'stats_graph.js')}}
         crossorigin="anonymous"></script>
 {% endblock %}
 
 {% block styles %}
 {{ super() }}
 <link rel="stylesheet" href="{{ url_for('static', filename='stats.css') }}"
-      integrity="{{get_sri('static', 'stats.css')}}"
+      {{get_sri('static', 'stats.css')}}
       crossorigin="anonymous">
 {% endblock %}
diff --git a/website/web/templates/tree.html b/website/web/templates/tree.html
index 52e4919..72c758b 100644
--- a/website/web/templates/tree.html
+++ b/website/web/templates/tree.html
@@ -29,10 +29,10 @@
 {% block scripts %}
   {{ super() }}
   <script src='{{ url_for('static', filename='d3.min.js') }}'
-          integrity="{{get_sri('static', 'd3.min.js')}}"
+          {{get_sri('static', 'd3.min.js')}}
           crossorigin="anonymous"></script>
   <script src='{{ url_for('static', filename='tree.js') }}'
-          integrity="{{get_sri('static', 'tree.js')}}"
+          {{get_sri('static', 'tree.js')}}
           crossorigin="anonymous"></script>
 
   <script>