protected function _getView($path = null, $node = null)
{
$view = new Zend_View();
$view->setScriptPath('Filemanager/views');
$view->logoPath = Tinebase_Core::getUrl() . '/images/tine_logo.png';
if ($path !== null) {
$view->path = empty($path) ? '/' . $node->name : '/' . implode('/', $path);
}
}
echo "\n <script type='text/javascript' language='javascript' src='Setup/js/Setup-FAT.js'></script>";
echo "\n <script type='text/javascript' language='javascript' src='Tinebase/js/Tinebase-lang-" . (string) $locale . ".js'></script>";
echo "\n <script type='text/javascript' language='javascript' src='Setup/js/Setup-lang-" . (string) $locale . ".js'></script>";
break;
case 'DEBUG':
echo "\n <link rel='stylesheet' type='text/css' href='Tinebase/css/Tinebase-FAT.css' />";
echo "\n <link rel='stylesheet' type='text/css' href='Setup/css/Setup-FAT.css' />";
echo "\n <script type='text/javascript' language='javascript' src='Tinebase/js/Tinebase-FAT-debug.js'></script>";
echo "\n <script type='text/javascript' language='javascript' src='Tinebase/js/Tinebase-libs-FAT-debug.js'></script>";
echo "\n <script type='text/javascript' language='javascript' src='Setup/js/Setup-FAT-debug.js'></script>";
echo "\n <script type='text/javascript' language='javascript' src='Tinebase/js/Tinebase-lang-" . (string) $locale . "-debug.js'></script>";
echo "\n <script type='text/javascript' language='javascript' src='Setup/js/Setup-lang-" . (string) $locale . "-debug.js'></script>";
break;
case 'DEVELOPMENT':
default:
echo "\n <!-- amd/commonjs loader dependencies -->";
$webPackDevServerUrl = Tinebase_Core::getUrl('protocol') . '://' . Tinebase_Core::getUrl('host') . ':10443/';
echo "\n <script src='{$webPackDevServerUrl}Tinebase-libs-FAT.js'></script>";
echo "\n <script src='{$webPackDevServerUrl}webpack-dev-server.js'></script>";
echo "\n\n <!-- jsbuilder dependencies -->";
echo $this->jsb2tk->getHTML();
echo ' <script type="text/javascript" language="javascript" src="setup.php?method=Tinebase.getJsTranslations&' . time() . '"></script>';
break;
}
?>
</head>
<body>
<noscript>You need to enable javascript to use <a href="http://www.tine20.org">Tine 2.0 setup or use the CLI setup</a></noscript>
</body>
</html>
protected function _getDownloadUrl($id)
{
return Tinebase_Core::getUrl() . '/download/show/' . $id;
}
/**
* set headers for mainscreen
*/
protected function _setMainscreenHeaders()
{
if (headers_sent()) {
return;
}
header('Content-Type: text/html; charset=utf-8');
// obsoleted by CSP see https://www.w3.org/TR/CSP2/#directive-frame-ancestors
//header('X-Frame-Options: SAMEORIGIN');
$frameAncestors = implode(' ', array_merge((array) Tinebase_Core::getConfig()->get(Tinebase_Config::ALLOWEDJSONORIGINS, array()), array("'self'")));
// set Content-Security-Policy header against clickjacking and XSS
// @see https://developer.mozilla.org/en/Security/CSP/CSP_policy_directives
$scriptSrcs = array("'self'", "'unsafe-eval'", 'https://versioncheck.tine20.net');
if (TINE20_BUILDTYPE == 'DEVELOPMENT') {
$scriptSrcs[] = Tinebase_Core::getUrl('protocol') . '://' . Tinebase_Core::getUrl('host') . ":10443";
}
$scriptSrc = implode(' ', $scriptSrcs);
header("Content-Security-Policy: default-src 'self'");
header("Content-Security-Policy: script-src {$scriptSrc}");
header("Content-Security-Policy: frame-ancestors {$frameAncestors}");
// headers for IE 10+11
header("X-Content-Security-Policy: default-src 'self'");
header("X-Content-Security-Policy: script-src {$scriptSrc}");
header("X-Content-Security-Policy: frame-ancestors {$frameAncestors}");
// set Strict-Transport-Security; used only when served over HTTPS
header('Strict-Transport-Security: max-age=16070400');
// cache mainscreen for 10 minutes
$maxAge = 600;
header('Cache-Control: private, max-age=' . $maxAge);
header("Expires: " . gmdate('D, d M Y H:i:s', Tinebase_DateTime::now()->addSecond($maxAge)->getTimestamp()) . " GMT");
// overwrite Pragma header from session
header("Pragma: cache");
}
/**
* get download url for link
*
* @param string $action one of show|get
* @return string
*/
public function getDownloadUrl($action = 'show')
{
$baseURL = Filemanager_Config::getInstance()->get(Filemanager_Config::PUBLIC_DOWNLOAD_URL, Tinebase_Core::getUrl() . '/download');
$downloadURL = $baseURL . '/' . $action . '/' . $this->getId();
return $downloadURL;
}
<input type="text" value="data.changed" id="topic"> <br />
<textarea rows="4" cols="50" id="message">This message was send with love from an external thirdparty Tine 2.0 xwindow client</textarea><br />
<br />
<input type="button" value="Send Message" id="sendMessage">
<input type="button" value="Clear" id="clear">
<input type="button" value="Disconnect" id="disconnect">
</div>
<div id="messages"></div>
<script>
var config = postal.fedx.transports.xwindow.configure();
postal.fedx.transports.xwindow.configure( {
localStoragePrefix: "<?php
echo Tinebase_Core::getUrl('path') . '/Tine.';
?>
" + config.localStoragePrefix
} );
// We need to tell postal how to get a deferred instance
postal.configuration.promise.createDeferred = function() {
return new $.Deferred();
};
// We need to tell postal how to get a "public-facing"/safe promise instance
postal.configuration.promise.getPromise = function(dfd) {
return dfd.promise();
};
postal.instanceId('xwindow-' + _.random(0,1000));
postal.fedx.addFilter([
