colin
/
resume
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CSP for PDF download button by moving to external script
ci/woodpecker/push/woodpecker Pipeline was successful Details

This commit is contained in:
Leopere 2025-05-10 16:27:15 -04:00
parent 04e5a9fa34
commit 911842dc06
3 changed files with 25 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docker/resume/Caddyfile
View File

@ -29,7 +29,7 @@ colinknapp.com {
Cache-Control "public, max-age=31536000, immutable" Cache-Control "public, max-age=31536000, immutable"
# CSP with hashes for scripts and styles # CSP with hashes for scripts and styles
Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544=' 'sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8='; style-src 'self' 'sha256-Mo+7o3oPEKpX7fqRvTtunvQHlIDhJ0SxAMG1PCNniCI='; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';" Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544=' 'sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8=' 'sha256-BASkmAmg7eoYCMd6odA6kQ8yGsFnoxaX48WbQvMkehs='; style-src 'self' 'sha256-Mo+7o3oPEKpX7fqRvTtunvQHlIDhJ0SxAMG1PCNniCI='; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
} }
# Handle 404s # Handle 404s
@ -79,7 +79,7 @@ colinknapp.com {
Cache-Control "public, max-age=31536000, immutable" Cache-Control "public, max-age=31536000, immutable"
# CSP with hashes for scripts and styles # CSP with hashes for scripts and styles
Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544=' 'sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8='; style-src 'self' 'sha256-Mo+7o3oPEKpX7fqRvTtunvQHlIDhJ0SxAMG1PCNniCI='; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';" Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544=' 'sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8=' 'sha256-BASkmAmg7eoYCMd6odA6kQ8yGsFnoxaX48WbQvMkehs='; style-src 'self' 'sha256-Mo+7o3oPEKpX7fqRvTtunvQHlIDhJ0SxAMG1PCNniCI='; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
} }
# Handle 404s # Handle 404s

21
docker/resume/index.html
View File

@ -7,6 +7,7 @@
<title>Colin Knapp Portfolio</title> <title>Colin Knapp Portfolio</title>
<link rel="stylesheet" href="styles.css" integrity="sha256-Ps1dklCHzk1leTAfqkeA64YDuDJxx5QZBjC2UQhSdz0=" crossorigin="anonymous"> <link rel="stylesheet" href="styles.css" integrity="sha256-Ps1dklCHzk1leTAfqkeA64YDuDJxx5QZBjC2UQhSdz0=" crossorigin="anonymous">
<script src="theme.js" integrity="sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8=" crossorigin="anonymous"></script> <script src="theme.js" integrity="sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8=" crossorigin="anonymous"></script>
<script src="pdf-download.js" integrity="sha256-BASkmAmg7eoYCMd6odA6kQ8yGsFnoxaX48WbQvMkehs=" crossorigin="anonymous"></script>
</head> </head>
<body> <body>
<div class="theme-switch"> <div class="theme-switch">
@ -23,7 +24,6 @@
aria-label="Download as PDF" aria-label="Download as PDF"
title="Download resume as PDF" title="Download resume as PDF"
tabindex="0" tabindex="0"
onclick="downloadAsPDF()"
>📄</button> >📄</button>
</div> </div>
@ -202,24 +202,5 @@
<p class="accessibility-notice"><strong>Accessibility:</strong> This website is designed and developed to meet WCAG 2.1 Level AAA standards, ensuring the highest level of accessibility for all users. Features include high contrast ratios, keyboard navigation, screen reader compatibility, and responsive design. The site supports both light and dark modes with automatic system preference detection.</p> <p class="accessibility-notice"><strong>Accessibility:</strong> This website is designed and developed to meet WCAG 2.1 Level AAA standards, ensuring the highest level of accessibility for all users. Features include high contrast ratios, keyboard navigation, screen reader compatibility, and responsive design. The site supports both light and dark modes with automatic system preference detection.</p>
</div> </div>
<script>
function downloadAsPDF() {
// Store current theme
const currentTheme = document.body.getAttribute('data-theme');
// Force light theme for PDF
document.body.setAttribute('data-theme', 'light');
// Wait for theme change to apply
setTimeout(() => {
window.print();
// Restore original theme
setTimeout(() => {
document.body.setAttribute('data-theme', currentTheme);
}, 100);
}, 100);
}
</script>
</body> </body>
</html> </html>

22
docker/resume/pdf-download.js Normal file
View File

@ -0,0 +1,22 @@
document.addEventListener('DOMContentLoaded', function() {
const downloadButton = document.getElementById('downloadPDF');
if (downloadButton) {
downloadButton.addEventListener('click', function() {
// Store current theme
const currentTheme = document.body.getAttribute('data-theme');
// Force light theme for PDF
document.body.setAttribute('data-theme', 'light');
// Wait for theme change to apply
setTimeout(function() {
window.print();
// Restore original theme
setTimeout(function() {
document.body.setAttribute('data-theme', currentTheme);
}, 100);
}, 100);
});
}
});