Skip to content
Snippets Groups Projects
Commit ea87d48c authored by Fabrice Gangler's avatar Fabrice Gangler :art:
Browse files

DOC(dev): update Security_CSP_headers/* (PROD website)

parent e19a7b0e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Documentation/doc_for-developer/Security_CSP_headers/CSP_matomo_hash.php
+ 17
4
View file @ ea87d48c
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
$cspAlgo = 'sha256'; $cspAlgo = 'sha256';
$matomoUrl = 'https://statistiques.adullact.org/'; $matomoUrl = 'https://statistiques.adullact.org/';
$matomoWebsiteId = 14; $matomoWebsiteId = 14; // DEV website
$matomoWebsiteId = 7; // PROD website
$matomoJs = " $matomoJs = "
var _paq = window._paq || []; var _paq = window._paq || [];
_paq.push(['trackPageView']); _paq.push(['trackPageView']);
...@@ -23,13 +24,23 @@ function embedTrackingCode(){ ...@@ -23,13 +24,23 @@ function embedTrackingCode(){
//////////////////////////////////////////////// ////////////////////////////////////////////////
$outputMatomoJs = trim("$matomoJs"); $outputMatomoJs = trim("$matomoJs");
$outputMatomoJsMinified = trim("$matomoJs"); $outputMatomoJsMinified = trim("$matomoJs");
$outputMatomoJsMinified = str_replace(" ", "","$outputMatomoJsMinified"); $outputMatomoJsMinified = preg_replace('/\r\n/', '\n', $outputMatomoJsMinified);
$outputMatomoJsMinified = str_replace(" ", " ","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace(" ", " ","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace(" ", " ","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace(" ", " ","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace(" ", " ","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace("\n", "","$outputMatomoJsMinified"); $outputMatomoJsMinified = str_replace("\n", "","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace("\t", "","$outputMatomoJsMinified"); $outputMatomoJsMinified = str_replace("\t", "","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace("\r", "","$outputMatomoJsMinified"); $outputMatomoJsMinified = str_replace("\r", "","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace("if (", "if(","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace("{ ", "{","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace("; ", ";","$outputMatomoJsMinified");
$outputMatomoJsMinified = str_replace(", ", ",","$outputMatomoJsMinified");
$outputMatomoJsMinified = trim("$outputMatomoJsMinified"); $outputMatomoJsMinified = trim("$outputMatomoJsMinified");
$hashOfMatomoJs = hash("$cspAlgo", "\n$outputMatomoJs\n");
$hashOfMatomoJsMinified = hash("$cspAlgo", "$outputMatomoJsMinified"); $hashOfMatomoJs = base64_encode(hash("$cspAlgo", "\n$outputMatomoJs\n", true));
$hashOfMatomoJsMinified = base64_encode(hash("$cspAlgo", "$outputMatomoJsMinified", true));
//////////////////////////////////////////////// ////////////////////////////////////////////////
$outputMatomoHml = ''; $outputMatomoHml = '';
$outputMatomoHml .= "<!-- Matomo - Embedding JS file after load event -->\n"; $outputMatomoHml .= "<!-- Matomo - Embedding JS file after load event -->\n";
...@@ -58,6 +69,8 @@ function embedTrackingCode(){ ...@@ -58,6 +69,8 @@ function embedTrackingCode(){
echo "\n\n------ Matomo HTML minified ------------------------------------\n"; echo "\n\n------ Matomo HTML minified ------------------------------------\n";
echo "$outputMatomoHmlMinified"; echo "$outputMatomoHmlMinified";
echo "\n\n------------------------------------------\n"; echo "\n\n------------------------------------------\n";
echo "$cspAlgo-$hashOfMatomoJsMinified";
echo "\n\n------------------------------------------\n";
Documentation/doc_for-developer/Security_CSP_headers/DEV_matomo-loader.txt
+ 10
7
View file @ ea87d48c
...@@ -7,7 +7,7 @@ _paq.push(['enableLinkTracking']); ...@@ -7,7 +7,7 @@ _paq.push(['enableLinkTracking']);
function embedTrackingCode(){ function embedTrackingCode(){
var u='https://statistiques.adullact.org/'; var u='https://statistiques.adullact.org/';
_paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '14']); _paq.push(['setSiteId', '7']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
} }
...@@ -16,11 +16,11 @@ else if (window.attachEvent){ window.attachEvent('onload', embedTrackingCode); ...@@ -16,11 +16,11 @@ else if (window.attachEvent){ window.attachEvent('onload', embedTrackingCode);
else { embedTrackingCode(); } else { embedTrackingCode(); }
------ CSP hash for Matomo JS loader : sha256 ------------------------------------ ------ CSP hash for Matomo JS loader : sha256 ------------------------------------
sha256-e6dbe537832f876680296da6f038b2e24584d50253fc8c8dc18241dbe1afb4e4 sha256-Etwpv5PNlBw5TGvXiczIzK10QF33EIca/tawHsZfkwk=
------ Matomo HTML ------------------------------------ ------ Matomo HTML ------------------------------------
<!-- Matomo - Embedding JS file after load event --> <!-- Matomo - Embedding JS file after load event -->
<!-- CSP hash: sha256-e6dbe537832f876680296da6f038b2e24584d50253fc8c8dc18241dbe1afb4e4 --> <!-- CSP hash: sha256-Etwpv5PNlBw5TGvXiczIzK10QF33EIca/tawHsZfkwk= -->
<script> <script>
var _paq = window._paq || []; var _paq = window._paq || [];
_paq.push(['trackPageView']); _paq.push(['trackPageView']);
...@@ -28,7 +28,7 @@ _paq.push(['enableLinkTracking']); ...@@ -28,7 +28,7 @@ _paq.push(['enableLinkTracking']);
function embedTrackingCode(){ function embedTrackingCode(){
var u='https://statistiques.adullact.org/'; var u='https://statistiques.adullact.org/';
_paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '14']); _paq.push(['setSiteId', '7']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
} }
...@@ -39,12 +39,15 @@ else { embedTrackingCode(); ...@@ -39,12 +39,15 @@ else { embedTrackingCode();
<!-- END Matomo --> <!-- END Matomo -->
------ CSP hash for Matomo JS loader minified : sha256 ------------------------------------ ------ CSP hash for Matomo JS loader minified : sha256 ------------------------------------
sha256-0dea72a0b69fffc3ae5b6ba5c3209d4f81d5d0abc310eedc7991249e44affd9c sha256-Oj7byVaFtnTXnxkJUhS8WcENCO4gmFgzKQ47r9DQhcU=
------ Matomo HTML minified ------------------------------------ ------ Matomo HTML minified ------------------------------------
<!-- Matomo - Embedding JS file after load event --> <!-- Matomo - Embedding JS file after load event -->
<!-- CSP hash: sha256-0dea72a0b69fffc3ae5b6ba5c3209d4f81d5d0abc310eedc7991249e44affd9c --> <!-- CSP hash: sha256-Oj7byVaFtnTXnxkJUhS8WcENCO4gmFgzKQ47r9DQhcU= -->
<script>var_paq=window._paq||[];_paq.push(['trackPageView']);_paq.push(['enableLinkTracking']);functionembedTrackingCode(){varu='https://statistiques.adullact.org/';_paq.push(['setTrackerUrl',u+'matomo.php']);_paq.push(['setSiteId','14']);vard=document,g=d.createElement('script'),s=d.getElementsByTagName('script')[0];g.type='text/javascript';g.async=true;g.defer=true;g.src=u+'matomo.js';s.parentNode.insertBefore(g,s);}if(window.addEventListener){window.addEventListener('load',embedTrackingCode,false);}elseif(window.attachEvent){window.attachEvent('onload',embedTrackingCode);}else{embedTrackingCode();}</script> <script>var _paq = window._paq || [];_paq.push(['trackPageView']);_paq.push(['enableLinkTracking']);function embedTrackingCode(){var u='https://statistiques.adullact.org/';_paq.push(['setTrackerUrl',u+'matomo.php']);_paq.push(['setSiteId','7']);var d=document,g=d.createElement('script'),s=d.getElementsByTagName('script')[0];g.type='text/javascript';g.async=true;g.defer=true;g.src=u+'matomo.js';s.parentNode.insertBefore(g,s);}if(window.addEventListener){window.addEventListener('load',embedTrackingCode,false);}else if(window.attachEvent){window.attachEvent('onload',embedTrackingCode);}else {embedTrackingCode();}</script>
<!-- END Matomo --> <!-- END Matomo -->
------------------------------------------ ------------------------------------------
sha256-Oj7byVaFtnTXnxkJUhS8WcENCO4gmFgzKQ47r9DQhcU=
------------------------------------------
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment