Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-webui / 0f2f981e3218a57f89995aa6cb6b684b2ec0ba8f
commit0f2f981e3218a57f89995aa6cb6b684b2ec0ba8f[log] [tgz]
authorEd Tanous <ed.tanous@intel.com>Wed Dec 19 17:59:28 2018 -0800
committerEd Tanous <ed.tanous@intel.com>Sat Dec 22 17:36:03 2018 +0000
tree7140663c2b9acfa7da750fb4d86fb9982bf2514a
parent7c2b7c124f620da1ff0f8a70fd32b93e97d28871 [diff]
Enable strict content security policy

Webpack allows us to define a content security policy that utilizes
hashes to define what is, and isn't allowed to execute in the page
context.  Because we're a single page application, this means that we
can effectively defend the whole page with a few extra lines of setup.

This does not utilitize _any_ of the unsafe-* calls that content
security policy has, which should meet security standards for all uses.

Tested By:
Launched GUI, observed no functional changes, and watched console for
CSP errors.  Saw none.

Change-Id: I892df1f1b004384943be0ae6e51046054991fd45
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
4 files changed
tree: 7140663c2b9acfa7da750fb4d86fb9982bf2514a
  1. app/
  2. .babelrc
  3. .clang-format
  4. .gitignore
  5. config.json
  6. format-code.sh
  7. karma.conf.js
  8. LICENSE
  9. MAINTAINERS
  10. package-lock.json
  11. package.json
  12. postcss.config.js
  13. README.md
  14. sonar-project.properties
  15. webpack.config.js
README.md

OpenBMC Web User Interface

The OpenBMC WebUI is a Web-based user interface for the OpenBMC firmware stack. The WebUI uses AngularJS. Features include:

  • View system overview data such as model information and serial number
  • View and manage event logs
  • View inventory data
  • View sensor data
  • Power On/Off server operations
  • Reboot BMC
  • Manage and update BMC and Host firmware
  • IPv4 network settings
  • SoL console

Requirements

nodejs (>= 4.2.6) npm (>= 5.6.0)

Note The default installation of your Linux distro may not come with the required versions above. See the following for more information on updating:

https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-node https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-npm

Installation

npm install

Note This must be run from within the phosphor-webui git repository.

Running locally

npm run-script server

This will start a server instance and begin listening for connections at http://localhost:8080. This development server provides live reloading on code changes. NOTE: Browsing to https://<BMC> and accepting the self-signed certificate might be required to prevent your browser from blocking traffic to the BMC.

Logging in

Enter the BMC Host or BMC IP address, username, and password. The default username and password are root/0penBmc.

Note that some OpenBMC implementations use bmcweb for its backend. For security reasons, bmcweb will need to be recompiled and loaded onto the target BMC Host before the above redirect command will work. The option to turn on within bmcweb is BMCWEB_INSECURE_DISABLE_XSS_PREVENTION.