Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-07-09 03:04:20 -04:00
Code Issues Packages Projects Releases Wiki Activity

Adding security headers. Cleaning up.

Browse Source
This commit is contained in:
Zoe Roux 2019-11-26 00:21:58 +01:00
parent 2f5c19e133
commit 8a125614a8
5 changed files with 27 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Kyoo/ClientApp/src/app/player/player.component.ts
View File

@ -43,6 +43,8 @@ export class PlayerComponent implements OnInit
playMethod: method;
private player: HTMLVideoElement;
private dashPlayer: dashjs.MediaPlayerClass = MediaPlayer().create();
private dashPlayerInitialized: boolean = false;
private thumb: HTMLElement;
private progress: HTMLElement;
private buffered: HTMLElement;
@ -355,7 +357,6 @@ export class PlayerComponent implements OnInit
init()
{
let queryMethod: string = this.route.snapshot.queryParams["method"];
console.log("Query method: " + queryMethod);
if (queryMethod)
this.playMethod = method[queryMethod];
else
@ -380,19 +381,22 @@ export class PlayerComponent implements OnInit
selectPlayMethod()
{
if (this.dashPlayerInitialized)
this.dashPlayer.reset();
if (this.playMethod == method.direct)
{
this.player.src = "/video/" + this.item.link;
this.dashPlayerInitialized = false;
}
else if (this.playMethod == method.transmux)
{
var dashPlayer = MediaPlayer().create();
dashPlayer.initialize(this.player, "/video/transmux/" + this.item.link + "/", true);
this.dashPlayer.initialize(this.player, "/video/transmux/" + this.item.link + "/", true);
this.dashPlayerInitialized = true;
}
else
{
var dashPlayer = MediaPlayer().create();
dashPlayer.initialize(this.player, "/video/transcode/" + this.item.link + "/", true);
this.dashPlayer.initialize(this.player, "/video/transcode/" + this.item.link + "/", true);
this.dashPlayerInitialized = true;
}
}

1
Kyoo/ClientApp/src/index.html
View File

@ -8,7 +8,6 @@
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="theme-color" content="#000000" />
<link rel="icon" type="image/x-icon" href="favicon.ico">
<script>window.VIDEOJS_NO_DYNAMIC_STYLE = true</script>
</head>
<body>
<app-root></app-root>

8
Kyoo/InternalAPI/Transcoder/Transcoder.cs
View File

@ -53,13 +53,13 @@ namespace Kyoo.InternalAPI
if (File.Exists(manifest))
return manifest;
// Added an await and removed the while -> await because the dynamic dash file can't be played for now (maybe ffmpeg doesn't process in the playback order).
await Task.Run(() =>
/*await */Task.Run(() =>
{
transmuxFailed = TranscoderAPI.transmux(episode.Path, manifest.Replace('\\', '/'), out playableDuration) != 0;
playableDuration = float.MaxValue;
//playableDuration = float.MaxValue;
});
//while (playableDuration < 20 || (!File.Exists(manifest) && !transmuxFailed))
// await Task.Delay(10);
while (playableDuration < 20 || (!File.Exists(manifest) && !transmuxFailed))
await Task.Delay(10);
return transmuxFailed ? null : manifest;
}

2
Kyoo/Program.cs
View File

@ -13,7 +13,7 @@ namespace Kyoo
public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseKestrel()
.UseKestrel((config) => { config.AddServerHeader = false; })
.UseUrls("http://*:5000")
.UseStartup<Startup>();
}

13
Kyoo/Startup.cs
View File

@ -53,6 +53,19 @@ namespace Kyoo
app.UseHsts();
}
app.Use((ctx, next) =>
{
ctx.Response.Headers.Remove("X-Powered-By");
ctx.Response.Headers.Remove("Server");
ctx.Response.Headers.Add("Feature-Policy", "autoplay 'self'; fullscreen");
ctx.Response.Headers.Add("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
ctx.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
ctx.Response.Headers.Add("Referrer-Policy", "no-referrer");
ctx.Response.Headers.Add("Access-Control-Allow-Origin", "null");
ctx.Response.Headers.Add("X-Content-Type-Options", "nosniff");
return next();
});
//app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseSpaStaticFiles();