wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1321 from owncloud/csp-fixes

Browse source 
Files: CSP fixes
This commit is contained in:
Thomas Müller 2013-01-28 00:29:46 -08:00
commit 31d83fddc4
11 changed files with 12 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
apps/files/admin.php
View file

@ -21,10 +21,6 @@
* *
*/ */
// Init owncloud
OCP\User::checkAdminUser(); OCP\User::checkAdminUser();
$htaccessWorking=(getenv('htaccessWorking')=='true'); $htaccessWorking=(getenv('htaccessWorking')=='true');

5
apps/files/appinfo/routes.php
View file

@ -8,7 +8,4 @@
$this->create('download', 'download{file}') $this->create('download', 'download{file}')
->requirements(array('file' => '.*')) ->requirements(array('file' => '.*'))
->actionInclude('files/download.php'); ->actionInclude('files/download.php');
// oC JS config
$this->create('publicListView', 'js/publiclistview.js')
->actionInclude('files/js/publiclistview.php');

3
apps/files/download.php
View file

@ -21,9 +21,6 @@
* *
*/ */
// Init owncloud
// Check if we are a user // Check if we are a user
OCP\User::checkLoggedIn(); OCP\User::checkLoggedIn();

1
apps/files/index.php
View file

@ -76,6 +76,7 @@ $list = new OCP\Template('files', 'part.list', '');
$list->assign('files', $files, false); $list->assign('files', $files, false);
$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false); $list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
$list->assign('downloadURL', OCP\Util::linkTo('files', 'download.php') . '?file=', false); $list->assign('downloadURL', OCP\Util::linkTo('files', 'download.php') . '?file=', false);
$list->assign('disableSharing', false);
$breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', ''); $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '');
$breadcrumbNav->assign('breadcrumb', $breadcrumb, false); $breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false); $breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);

20
apps/files/js/publiclistview.php
View file

@ -1,20 +0,0 @@
<?php
/**
* Copyright (c) 2013 Lukas Reschke <lukas@statuscode.ch>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
// Set the content type to Javascript
header("Content-type: text/javascript");
// Disallow caching
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
if ( array_key_exists('disableSharing', $_) && $_['disableSharing'] == true ) {
echo "var disableSharing = true;";
} else {
echo "var disableSharing = false;";
}

4
apps/files/settings.php
View file

@ -21,10 +21,6 @@
* *
*/ */
// Init owncloud
// Check if we are a user // Check if we are a user
OCP\User::checkLoggedIn(); OCP\User::checkLoggedIn();

2
apps/files/templates/part.list.php
View file

@ -1,4 +1,4 @@
<script type="text/javascript" src="<?php echo OC_Helper::linkToRoute('publicListView');?>"></script> <input type="hidden" id="disableSharing" data-status="<?php echo $_['disableSharing']; ?>">
<?php foreach($_['files'] as $file): <?php foreach($_['files'] as $file):
$simple_file_size = OCP\simple_file_size($file['size']); $simple_file_size = OCP\simple_file_size($file['size']);

2
apps/files_sharing/js/share.js
View file

@ -1,5 +1,7 @@
$(document).ready(function() { $(document).ready(function() {
var disableSharing = $('#disableSharing').data('status');
if (typeof OC.Share !== 'undefined' && typeof FileActions !== 'undefined' && !disableSharing) { if (typeof OC.Share !== 'undefined' && typeof FileActions !== 'undefined' && !disableSharing) {
FileActions.register('all', 'Share', OC.PERMISSION_READ, OC.imagePath('core', 'actions/share'), function(filename) { FileActions.register('all', 'Share', OC.PERMISSION_READ, OC.imagePath('core', 'actions/share'), function(filename) {

2
apps/files_sharing/templates/public.php
View file

@ -1,5 +1,3 @@
<script type="text/javascript" src="<?php echo OC_Helper::linkToRoute('publicListView');?>"></script>
<input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir"> <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
<input type="hidden" name="downloadURL" value="<?php echo $_['downloadURL'] ?>" id="downloadURL"> <input type="hidden" name="downloadURL" value="<?php echo $_['downloadURL'] ?>" id="downloadURL">
<input type="hidden" name="filename" value="<?php echo $_['filename'] ?>" id="filename"> <input type="hidden" name="filename" value="<?php echo $_['filename'] ?>" id="filename">

10
core/js/config.php
View file

@ -17,11 +17,15 @@ header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
$l = OC_L10N::get('core'); $l = OC_L10N::get('core');
// Get the config // Get the config
$debug = (defined('DEBUG') && DEBUG) ? 'true' : 'false'; $apps_paths = array();
foreach(OC_App::getEnabledApps() as $app) {
$apps_paths[$app] = OC_App::getAppWebPath($app);
}
$array = array( $array = array(
"oc_debug" => $debug, "oc_debug" => (defined('DEBUG') && DEBUG) ? 'true' : 'false',
"oc_webroot" => "\"".OC::$WEBROOT."\"", "oc_webroot" => "\"".OC::$WEBROOT."\"",
"oc_appswebroots" => "\"".$_['apps_paths']. "\"", "oc_appswebroots" => str_replace('\\/', '/', json_encode($apps_paths)), // Ugly unescape slashes waiting for better solution
"oc_current_user" => "\"".OC_User::getUser(). "\"", "oc_current_user" => "\"".OC_User::getUser(). "\"",
"oc_requesttoken" => "\"".OC_Util::callRegister(). "\"", "oc_requesttoken" => "\"".OC_Util::callRegister(). "\"",
"datepickerFormatDate" => json_encode($l->l('jsdate', 'jsdate')), "datepickerFormatDate" => json_encode($l->l('jsdate', 'jsdate')),

5
lib/templatelayout.php
View file

@ -28,11 +28,6 @@ class OC_TemplateLayout extends OC_Template {
break; break;
} }
} }
$apps_paths = array();
foreach(OC_App::getEnabledApps() as $app) {
$apps_paths[$app] = OC_App::getAppWebPath($app);
}
$this->assign( 'apps_paths', str_replace('\\/', '/', json_encode($apps_paths)), false ); // Ugly unescape slashes waiting for better solution
} else if ($renderas == 'guest') { } else if ($renderas == 'guest') {
parent::__construct('core', 'layout.guest'); parent::__construct('core', 'layout.guest');
} else { } else {