Fix CSP for dapps that require eval. (#7867)

* Add allowJsEval to manifest. * Enable 'unsafe-eval' if requested in manifest.
2018-02-15 11:05:20 +01:00
parent 0a34ad50b4
commit 226215eff6
16 changed files with 41 additions and 52 deletions
--- a/dapps/src/apps/fs.rs
+++ b/dapps/src/apps/fs.rs
@@ -46,17 +46,18 @@ fn read_manifest(name: &str, mut path: PathBuf) -> EndpointInfo {
 			// Try to deserialize manifest
 			deserialize_manifest(s)
 		})
-		.map(Into::into)
 		.unwrap_or_else(|e| {
 			warn!(target: "dapps", "Cannot read manifest file at: {:?}. Error: {:?}", path, e);

 			EndpointInfo {
+				id: None,
 				name: name.into(),
 				description: name.into(),
 				version: "0.0.0".into(),
 				author: "?".into(),
 				icon_url: "icon.png".into(),
 				local_url: None,
+				allow_js_eval: Some(false),
 			}
 		})
 }