| commit | ae0353989abe7d9194dba47ca26d803fe11f46b6 | [log] [tgz] |
|---|---|---|
| author | Gunnar Mills <gmills@us.ibm.com> | Tue Jul 23 12:18:34 2019 -0500 |
| committer | Gunnar Mills <gmills@us.ibm.com> | Fri Jul 26 19:57:30 2019 +0000 |
| tree | e24d60547455de4b1184e755b0554f3f5f6f5cd3 | |
| parent | eaa40dd340995e053d9f2f9ba47ea0575849f292 [diff] |
npm update Have a security vulnerability around lodash. This partially addresses. See https://github.com/lodash/lodash/pull/4336 for more information. Opened to address the remaining vulnerability: https://github.com/openbmc/phosphor-webui/issues/91 Tested: Built image and loaded on a Witherspoon. Change-Id: I071c916058bc6ce7dd2032bf1af5b5c8e6545dec Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
The OpenBMC WebUI is a Web-based user interface for the OpenBMC firmware stack. The WebUI uses AngularJS. Features include:
nodejs (>= 4.2.6) npm (>= 5.6.0)
Note The default installation of your Linux distro may not come with the required versions above. See the following for more information on updating:
https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-node https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-npm
npm install
Note This must be run from within the phosphor-webui git repository.
npm run-script server
This will start a server instance and begin listening for connections at http://localhost:8080. This development server provides live reloading on code changes. NOTE: Browsing to https://<BMC> and accepting the self-signed certificate might be required to prevent your browser from blocking traffic to the BMC.
Enter the BMC Host or BMC IP address, username, and password. The default username and password are root/0penBmc.
Note that some OpenBMC implementations use bmcweb for its backend. For security reasons, bmcweb will need to be recompiled and loaded onto the target BMC Host before the above redirect command will work. The option to turn on within bmcweb is BMCWEB_INSECURE_DISABLE_XSS_PREVENTION.