Skip to content

Commit

Permalink
fix/security_policy
Browse files Browse the repository at this point in the history
  • Loading branch information
TheoJustin committed Aug 23, 2024
1 parent fea0d66 commit 2c1a5a8
Show file tree
Hide file tree
Showing 4 changed files with 77 additions and 1 deletion.
45 changes: 45 additions & 0 deletions requirements.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
blinker==1.8.2
cliapp==1.20180812.1
click==8.1.7
cmdtest==0.32+git
command-not-found==0.3
cryptography==3.4.8
dbus-python==1.2.18
distro==1.7.0
distro-info==1.1+ubuntu0.1
Flask==3.0.3
Flask-Cors==4.0.1
httplib2==0.20.2
importlib-metadata==4.6.4
itsdangerous==2.2.0
jeepney==0.7.1
Jinja2==3.1.4
joblib==1.4.2
keyring==23.5.0
launchpadlib==1.10.16
lazr.restfulclient==0.14.4
lazr.uri==1.0.6
Markdown==3.3.6
MarkupSafe==2.1.5
more-itertools==8.10.0
netifaces==0.11.0
nltk==3.9.1
oauthlib==3.2.0
Pygments==2.11.2
PyGObject==3.42.1
PyJWT==2.3.0
pyparsing==2.4.7
python-apt==2.4.0+ubuntu2
PyYAML==5.4.1
regex==2024.7.24
SecretStorage==3.3.1
six==1.16.0
systemd-python==234
tqdm==4.66.5
ttystatus==0.38
ubuntu-advantage-tools==8001
ufw==0.36.1
unattended-upgrades==0.1
wadllib==1.3.6
Werkzeug==3.0.4
zipp==1.0.0
2 changes: 1 addition & 1 deletion src/ss_frontend/public/.ic-assets.json5
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
// Notes about the CSP below:
// - We added img-src data: because data: images are used often.
// - frame-ancestors: none mitigates clickjacking attacks. See https://owasp.org/www-community/attacks/Clickjacking.
"Content-Security-Policy": "default-src 'self';script-src 'self';connect-src 'self' http://localhost:* https://icp0.io https://*.icp0.io https://icp-api.io;img-src https://web-production-d8ae.up.railway.app/analyze 'self' data:;style-src * 'unsafe-inline';style-src-elem * 'unsafe-inline';font-src *;object-src 'none';base-uri 'self';frame-ancestors 'none';form-action 'self';upgrade-insecure-requests;",
"Content-Security-Policy": "default-src 'self';script-src 'self';connect-src 'self' http://localhost:* https://icp0.io https://*.icp0.io https://icp-api.io https://web-production-d8ae.up.railway.app;img-src 'self' data:;style-src * 'unsafe-inline';style-src-elem * 'unsafe-inline';font-src *;object-src 'none';base-uri 'self';frame-ancestors 'none';form-action 'self';upgrade-insecure-requests;",

// Security: The permissions policy disables all features for security reasons. If your site needs such permissions, activate them.
// To configure permissions go here https://www.permissionspolicy.com/
Expand Down
Binary file added src/ss_frontend/src/assets/bg-ss-real.jpg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
31 changes: 31 additions & 0 deletions src/ss_frontend/src/pages/AboutPage.jsx
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
import React from "react";
import MainTemplate from "../templates/MainTemplate";
import bg from "../assets/bg-ss-real.jpg";
import logo from "../assets/ss_logo.png";

const AboutPage = () => {
return (
<div>
<MainTemplate>
<div className="w-screen h-80 flex flex-col justify-center items-center relative">
<div
className="absolute inset-0 bg-cover bg-center opacity-80"
style={{
backgroundImage: `url(${bg})`,
backgroundPosition: "center 68%",
}}
/>
<p className="font-bold text-4xl z-10">About Sunshine</p>
<p className="mt-4 font-semibold text-lg z-10">
Socialfi Crowdfunding with DAO system and NLP AI integration
</p>
</div>
<div className="flex flex-row justify-around items-center">
<img src={logo} alt="sunshine logo" className="w-24 h-24"/>
</div>
</MainTemplate>
</div>
);
};

export default AboutPage;

0 comments on commit 2c1a5a8

Please sign in to comment.