From 4e408cbc4243153371f982bea228a955a7973c87 Mon Sep 17 00:00:00 2001
From: Tom Misilo <1446856+misilot@users.noreply.github.com>
Date: Wed, 5 May 2021 12:51:47 -0500
Subject: [PATCH 1/4] Fix CSP Always being Enabled unless in debug mode.
 (#9543)

---
 app/Http/Middleware/SecurityHeaders.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Middleware/SecurityHeaders.php b/app/Http/Middleware/SecurityHeaders.php
index 4a75d6ec2..8a3800ffe 100644
--- a/app/Http/Middleware/SecurityHeaders.php
+++ b/app/Http/Middleware/SecurityHeaders.php
@@ -99,7 +99,7 @@ class SecurityHeaders
         // We have to exclude debug mode here because debugbar pulls from a CDN or two
         // and it will break things.
 
-        if ((config('app.debug')!='true')  || (config('app.enable_csp')=='true')) {
+        if ((config('app.debug')!='true')  && (config('app.enable_csp')=='true')) {
             $csp_policy[] = "default-src 'self'";
             $csp_policy[] = "style-src 'self' 'unsafe-inline'";
             $csp_policy[] = "script-src 'self' 'unsafe-inline' 'unsafe-eval'";

From 397e2df3ea53d06986eb953a12d3dcd64c9c4ad7 Mon Sep 17 00:00:00 2001
From: Tom Misilo <1446856+misilot@users.noreply.github.com>
Date: Fri, 7 May 2021 15:50:36 -0500
Subject: [PATCH 2/4] Upgrade the Alpine docker img to v3.13 for PHP 7.4
 (#9550)

v3.13 of the alpine image has php7.4 instead of php7.3
---
 Dockerfile.alpine | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile.alpine b/Dockerfile.alpine
index 64cac8df2..6b52b74f9 100644
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -1,4 +1,4 @@
-FROM alpine:3.12
+FROM alpine:3.13
 # Apache + PHP
 RUN  apk add --no-cache \
         apache2 \

From 9aac3ae628360f8d2604d79750740684e41a9dad Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Fri, 7 May 2021 16:36:07 -0700
Subject: [PATCH 3/4] Fixed HTML causing two backup headers to appear

Signed-off-by: snipe <snipe@snipe.net>
---
 resources/views/settings/backups.blade.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/resources/views/settings/backups.blade.php b/resources/views/settings/backups.blade.php
index 3af4d8ba9..742ae25c9 100644
--- a/resources/views/settings/backups.blade.php
+++ b/resources/views/settings/backups.blade.php
@@ -29,7 +29,6 @@
                     data-sort-order="asc"
                     id="system-backups"
                     class="table table-striped snipe-table">
-                <thead>
             <thead>
               <th>File</th>
               <th>Created</th>

From a70461439750c6ca54bf8ec4a55cd9f0bc3a2afe Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Fri, 7 May 2021 16:42:26 -0700
Subject: [PATCH 4/4] Bumped max for country on model

Signed-off-by: snipe <snipe@snipe.net>
---
 app/Models/Location.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Models/Location.php b/app/Models/Location.php
index dc8aa6a04..1f48f96e7 100755
--- a/app/Models/Location.php
+++ b/app/Models/Location.php
@@ -23,7 +23,7 @@ class Location extends SnipeModel
     protected $rules = array(
         'name'          => 'required|min:2|max:255|unique_undeleted',
         'city'          => 'min:2|max:255|nullable',
-        'country'       => 'min:2|max:2|nullable',
+        'country'       => 'min:2|max:255|nullable',
         'address'       => 'max:80|nullable',
         'address2'      => 'max:80|nullable',
         'zip'           => 'min:3|max:10|nullable',