mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
Bugfix: Nextcloud ContentSecurityPolicy versions issue
This commit is contained in:
parent
01f26451d0
commit
9f1e9f1899
2 changed files with 17 additions and 12 deletions
|
|
@ -9,7 +9,7 @@ class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy
|
||||||
/** @var bool Whether eval in JS scripts is allowed */
|
/** @var bool Whether eval in JS scripts is allowed */
|
||||||
protected $evalScriptAllowed = true;
|
protected $evalScriptAllowed = true;
|
||||||
/** @var bool Whether strict-dynamic should be set */
|
/** @var bool Whether strict-dynamic should be set */
|
||||||
protected $strictDynamicAllowed = true; // NC24+
|
// protected $strictDynamicAllowed = true; // NC24+
|
||||||
/** @var bool Whether inline CSS is allowed */
|
/** @var bool Whether inline CSS is allowed */
|
||||||
protected $inlineStyleAllowed = true;
|
protected $inlineStyleAllowed = true;
|
||||||
|
|
||||||
|
|
@ -21,9 +21,9 @@ class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy
|
||||||
$CSP->script
|
$CSP->script
|
||||||
));
|
));
|
||||||
$this->allowedScriptDomains = \array_diff($this->allowedScriptDomains, ["'unsafe-inline'", "'unsafe-eval'"]);
|
$this->allowedScriptDomains = \array_diff($this->allowedScriptDomains, ["'unsafe-inline'", "'unsafe-eval'"]);
|
||||||
if (\method_exists($this, 'useStrictDynamic')) {
|
\method_exists($this, 'useStrictDynamic')
|
||||||
$this->allowedScriptDomains = \array_diff($this->allowedScriptDomains, ["'strict-dynamic'"]);
|
? $this->useStrictDynamic(true) // NC24+
|
||||||
}
|
: $this->addAllowedScriptDomain("'strict-dynamic'");
|
||||||
|
|
||||||
$this->allowedImageDomains = \array_unique(\array_merge(
|
$this->allowedImageDomains = \array_unique(\array_merge(
|
||||||
$this->allowedImageDomains,
|
$this->allowedImageDomains,
|
||||||
|
|
@ -47,4 +47,16 @@ class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getSnappyMailNonce() {
|
||||||
|
static $sNonce;
|
||||||
|
if (!$sNonce) {
|
||||||
|
$cspManager = \OC::$server->getContentSecurityPolicyNonceManager();
|
||||||
|
$sNonce = $cspManager->getNonce() ?: \SnappyMail\UUID::generate();
|
||||||
|
if (\method_exists($cspManager, 'browserSupportsCspV3') && !$cspManager->browserSupportsCspV3()) {
|
||||||
|
$this->addAllowedScriptDomain("'nonce-{$sNonce}'");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $sNonce;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -55,15 +55,8 @@ class PageController extends Controller
|
||||||
$sAppCssMin = $oConfig->Get('labs', 'use_app_debug_css', false) ? '' : '.min';
|
$sAppCssMin = $oConfig->Get('labs', 'use_app_debug_css', false) ? '' : '.min';
|
||||||
$sLanguage = $oActions->GetLanguage(false);
|
$sLanguage = $oActions->GetLanguage(false);
|
||||||
|
|
||||||
$cspManager = \OC::$server->getContentSecurityPolicyNonceManager();
|
|
||||||
$sNonce = $cspManager->getNonce() ?: \SnappyMail\UUID::generate();
|
|
||||||
$csp = new ContentSecurityPolicy();
|
$csp = new ContentSecurityPolicy();
|
||||||
if (\method_exists($cspManager, 'browserSupportsCspV3') && !$cspManager->browserSupportsCspV3()) {
|
$sNonce = $csp->getSnappyMailNonce();
|
||||||
$csp->addAllowedScriptDomain("'nonce-{$sNonce}'");
|
|
||||||
}
|
|
||||||
\method_exists($csp, 'useStrictDynamic')
|
|
||||||
? $csp->useStrictDynamic(true) // NC24+
|
|
||||||
: $csp->addAllowedScriptDomain("'strict-dynamic'");
|
|
||||||
|
|
||||||
$params = [
|
$params = [
|
||||||
'Admin' => $bAdmin ? 1 : 0,
|
'Admin' => $bAdmin ? 1 : 0,
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue