Skip to content

Commit 28b1789

Browse files
dvoskoboinikovdvoskoboinikov
committed
AC-10686: [PCI] SRI enabled on payment pages
1 parent 6f605c2 commit 28b1789

File tree

3 files changed

+26
-5
lines changed

3 files changed

+26
-5
lines changed

app/code/Magento/Csp/Block/Sri/Hashes.php

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
namespace Magento\Csp\Block\Sri;
99

1010
use Magento\Framework\UrlInterface;
11+
use Magento\Deploy\Package\Package;
1112
use Magento\Framework\App\ObjectManager;
1213
use Magento\Framework\View\Element\Template;
1314
use Magento\Framework\Exception\LocalizedException;
@@ -64,12 +65,22 @@ public function getSerialized(): string
6465
{
6566
$result = [];
6667

68+
$baseUrl = $this->_urlBuilder->getBaseUrl(
69+
["_type" => UrlInterface::URL_TYPE_STATIC]
70+
);
71+
6772
$integrityRepository = $this->integrityRepositoryPool->get(
68-
$this->_appState->getAreaCode()
73+
Package::BASE_AREA
6974
);
7075

71-
$baseUrl = $this->_urlBuilder->getBaseUrl(
72-
["_type" => UrlInterface::URL_TYPE_STATIC]
76+
foreach ($integrityRepository->getAll() as $integrity) {
77+
$url = $baseUrl . $integrity->getPath();
78+
79+
$result[$url] = $integrity->getHash();
80+
}
81+
82+
$integrityRepository = $this->integrityRepositoryPool->get(
83+
$this->_appState->getAreaCode()
7384
);
7485

7586
foreach ($integrityRepository->getAll() as $integrity) {

app/code/Magento/Csp/Plugin/AddDefaultPropertiesToGroupPlugin.php

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
namespace Magento\Csp\Plugin;
99

1010
use Magento\Framework\App\State;
11+
use Magento\Deploy\Package\Package;
1112
use Magento\Framework\View\Asset\AssetInterface;
1213
use Magento\Framework\View\Asset\LocalInterface;
1314
use Magento\Framework\View\Asset\GroupedCollection;
@@ -56,11 +57,19 @@ public function beforeGetFilteredProperties(
5657
): array {
5758
if ($asset instanceof LocalInterface) {
5859
$integrityRepository = $this->integrityRepositoryPool->get(
59-
$this->state->getAreaCode()
60+
Package::BASE_AREA
6061
);
6162

6263
$integrity = $integrityRepository->getByPath($asset->getPath());
6364

65+
if (!$integrity) {
66+
$integrityRepository = $this->integrityRepositoryPool->get(
67+
$this->state->getAreaCode()
68+
);
69+
70+
$integrity = $integrityRepository->getByPath($asset->getPath());
71+
}
72+
6473
if ($integrity && $integrity->getHash()) {
6574
$properties['attributes']['integrity'] = $integrity->getHash();
6675
$properties['attributes']['crossorigin'] = 'anonymous';

app/code/Magento/Csp/Plugin/RemoveAllAssetIntegrityHashes.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
namespace Magento\Csp\Plugin;
99

1010
use Magento\Framework\App\Area;
11+
use Magento\Deploy\Package\Package;
1112
use Magento\Deploy\Console\DeployStaticOptions;
1213
use Magento\Deploy\Service\DeployStaticContent;
1314
use Magento\Csp\Model\SubresourceIntegrityRepositoryPool;
@@ -46,7 +47,7 @@ public function beforeDeploy(
4647
array $options
4748
): void {
4849
if (PHP_SAPI == 'cli' && !$this->isRefreshContentVersionOnly($options)) {
49-
foreach ([Area::AREA_FRONTEND, Area::AREA_ADMINHTML] as $area) {
50+
foreach ([Package::BASE_AREA, Area::AREA_FRONTEND, Area::AREA_ADMINHTML] as $area) {
5051
$this->integrityRepositoryPool->get($area)
5152
->deleteAll();
5253
}

0 commit comments

Comments
 (0)