
Commit 19333c0

AC-10686: [PCI] SRI enabled on payment pages
1 parent 62ab26c commit 19333c0


6 files changed

+27
-130
lines changed


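--- a/app/code/Magento/Csp/Block/Sri/Hashes.php
+++ b/app/code/Magento/Csp/Block/Sri/Hashes.php
@@ -7,6 +7,7 @@
 
 use Magento\Framework\App\ObjectManager;
 use Magento\Framework\View\Element\Template;
+use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Serialize\SerializerInterface;
 use Magento\Framework\View\Element\Template\Context;
 use Magento\Csp\Model\SubresourceIntegrityRepositoryPool;
@@ -50,7 +51,9 @@ public function __construct(
 }
 
 /**
-* Retrieve serialized integrity hashes.
+* Retrieves integrity hashes in serialized format.
+*
+* @throws LocalizedException
 *
 * @return string
 */
@@ -59,7 +62,7 @@ public function getSerialized(): string
 $result = [];
 
 $integrityRepository = $this->integrityRepositoryPool->get(
-$this->getRequest()->getFullActionName()
+$this->_appState->getAreaCode()
 );
 
 foreach ($integrityRepository->getAll() as $integrity) {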
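Review bot: The rewritten summary on getSerialized() does not say which hashes are returned, although the lookup key in the last hunk is now `$this->_appState->getAreaCode()` instead of the full action name. A summary such as `* Retrieves the integrity hashes stored for the current area, in serialized format.` would record that the set is selected per area and no longer per action. The method body continues outside the hunk, so how the result is built from `getAll()` is not visible here.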

app/code/Magento/Csp/Model/Collector/SubresourceIntegrityCollector.php

Lines changed: 0 additions & 79 deletions
This file was deleted.

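--- a/app/code/Magento/Csp/Plugin/AddDefaultPropertiesToGroupPlugin.php
+++ b/app/code/Magento/Csp/Plugin/AddDefaultPropertiesToGroupPlugin.php
@@ -7,7 +7,7 @@
 
 namespace Magento\Csp\Plugin;
 
-use Magento\Framework\App\Request\Http;
+use Magento\Framework\App\State;
 use Magento\Framework\View\Asset\AssetInterface;
 use Magento\Framework\View\Asset\GroupedCollection;
 use Magento\Csp\Model\SubresourceIntegrityRepositoryPool;
@@ -18,24 +18,24 @@
 class AddDefaultPropertiesToGroupPlugin
 {
 /**
-* @var Http
+* @var State
 */
-private Http $request;
+private State $state;
 
 /**
 * @var SubresourceIntegrityRepositoryPool
 */
 private SubresourceIntegrityRepositoryPool $integrityRepositoryPool;
 
 /**
-* @param Http $request
+* @param State $state
 * @param SubresourceIntegrityRepositoryPool $integrityRepositoryPool
 */
 public function __construct(
-Http $request,
+State $state,
 SubresourceIntegrityRepositoryPool $integrityRepositoryPool
 ) {
-$this->request = $request;
+$this->state = $state;
 $this->integrityRepositoryPool = $integrityRepositoryPool;
 }
 
@@ -54,7 +54,7 @@ public function beforeGetFilteredProperties(
 array $properties = []
 ): array {
 $integrityRepository = $this->integrityRepositoryPool->get(
-$this->state->getAreaCode()
+$this->state->getAreaCode()
 );
 
 $integrity = $integrityRepository->getByUrl($asset->getUrl());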
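Review bot: beforeGetFilteredProperties() now depends on `$this->state->getAreaCode()`, and the Hashes.php change in this commit adds `@throws LocalizedException` for the same call, but no docblock change for this method appears in the hunks. If the method's docblock (outside the hunk) lacks the tag, add `* @throws LocalizedException` so both call sites are documented alike. It is also worth confirming that the exception cannot surface during asset grouping in a context where no area code is set; that cannot be judged from the visible lines.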

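--- a/app/code/Magento/Csp/Plugin/GenerateAssetIntegrity.php
+++ b/app/code/Magento/Csp/Plugin/GenerateAssetIntegrity.php
@@ -12,7 +12,6 @@
 use Magento\Framework\App\View\Asset\Publisher;
 use Magento\Framework\View\Asset\LocalInterface;
 use Magento\Framework\View\Asset\AssetInterface;
-use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\Csp\Model\SubresourceIntegrityFactory;
 use Magento\Csp\Model\SubresourceIntegrity\HashGenerator;
 use Magento\Csp\Model\SubresourceIntegrityRepositoryPool;
@@ -29,11 +28,6 @@ class GenerateAssetIntegrity
 */
 private const CONTENT_TYPES = ["js"];
 
-/**
-* @var ScopeConfigInterface
-*/
-private ScopeConfigInterface $config;
-
 /**
 * @var HashGenerator
 */
@@ -50,18 +44,15 @@ class GenerateAssetIntegrity
 private SubresourceIntegrityRepositoryPool $integrityRepositoryPool;
 
 /**
-* @param ScopeConfigInterface $config
 * @param HashGenerator $hashGenerator
 * @param SubresourceIntegrityFactory $integrityFactory
 * @param SubresourceIntegrityRepositoryPool $integrityRepositoryPool
 */
 public function __construct(
-ScopeConfigInterface $config,
 HashGenerator $hashGenerator,
 SubresourceIntegrityFactory $integrityFactory,
 SubresourceIntegrityRepositoryPool $integrityRepositoryPool
 ) {
-$this->config = $config;
 $this->hashGenerator = $hashGenerator;
 $this->integrityFactory = $integrityFactory;
 $this->integrityRepositoryPool = $integrityRepositoryPool;
@@ -124,28 +115,23 @@ public function afterCreateRequireJsConfigAsset(
 */
 private function generateIntegrity(LocalInterface $asset): void
 {
-$assetsCoveredBySri = $this->config->getValue(
-"csp/sri/covered_assets"
+$integrity = $this->integrityFactory->create(
+[
+"data" => [
+'hash' => $this->hashGenerator->generate(
+$asset->getContent()
+),
+'url' => $asset->getUrl()
+]
+]
 );
 
-foreach ($assetsCoveredBySri ?: [] as $action => $patterns) {
-foreach ($patterns as $pattern) {
-if (preg_match("/" . $pattern . "/", $asset->getUrl())) {
-$integrity = $this->integrityFactory->create(
-[
-"data" => [
-'hash' => $this->hashGenerator->generate(
-$asset->getContent()
-),
-'url' => $asset->getUrl()
-]
-]
-);
+$area = explode(
+"/",
+parse_url($asset->getUrl(), PHP_URL_PATH)
+)[3];
 
-$this->integrityRepositoryPool->get($action)
-->save($integrity);
-}
-}
-}
+$this->integrityRepositoryPool->get($area)
+->save($integrity);
 }
 }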
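Review bot: In generateIntegrity() the repository key is read as `)[3]`, the fourth `/`-separated piece of the asset URL path, which holds for only one URL layout. If the static URL gains or loses a leading segment (a base URL with a path prefix, or a URL without a version segment, would presumably do this), the hash is saved under a key that never equals the `getAreaCode()` value used for lookup in Hashes.php and AddDefaultPropertiesToGroupPlugin.php, so the script would be served without an integrity value and nothing reports it. `parse_url()` can also return a non-string and the index can be absent. At minimum guard the lookup, e.g. `$area = explode("/", (string) parse_url($asset->getUrl(), PHP_URL_PATH))[3] ?? null;` followed by `if ($area === null || $area === "") { return; }`, ideally with a log entry so a skipped asset is visible. Taking the area from the asset's own context, if it is exposed there, would avoid parsing the URL at all.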

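--- a/app/code/Magento/Csp/etc/di.xml
+++ b/app/code/Magento/Csp/etc/di.xml
@@ -33,7 +33,6 @@
 <item name="whitelist" xsi:type="object" sortOrder="2">Magento\Csp\Model\Collector\CspWhitelistXmlCollector\Proxy</item>
 <item name="controller" xsi:type="object" sortOrder="100">Magento\Csp\Model\Collector\ControllerCollector\Proxy</item>
 <item name="dynamic" xsi:type="object" sortOrder="3">Magento\Csp\Model\Collector\DynamicCollector\Proxy</item>
-<item name="sri" xsi:type="object" sortOrder="2">Magento\Csp\Model\Collector\SubresourceIntegrityCollector\Proxy</item>
 </argument>
 <argument name="mergers" xsi:type="array">
 <item name="composite" xsi:type="object">Magento\Csp\Model\Collector\MergerInterface</item>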

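--- a/app/code/Magento/Sales/etc/config.xml
+++ b/app/code/Magento/Sales/etc/config.xml
@@ -127,17 +127,5 @@
 <email_required_create_order>1</email_required_create_order>
 </create_account>
 </customer>
-<csp>
-<sri>
-<covered_assets>
-<checkout_index_index>
-<require_js>.*\/frontend\/Magento\/luma\/[a-z]{2}_[A-Z]{2}\/requirejs\/require.js</require_js>
-<mixins_js>.*\/frontend\/Magento\/luma\/[a-z]{2}_[A-Z]{2}\/mage\/requirejs\/mixins.js</mixins_js>
-<requirejs_config_js>.*\/frontend\/Magento\/luma\/[a-z]{2}_[A-Z]{2}\/requirejs-config.js</requirejs_config_js>
-<sri_js>.*\/frontend\/Magento\/luma\/[a-z]{2}_[A-Z]{2}\/Magento_Csp\/js\/sri.js</sri_js>
-</checkout_index_index>
-</covered_assets>
-</sri>
-</csp>
 </default>
 </config>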
