Allow inline styles for theming images

Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl 2019-11-27 20:26:57 +01:00
parent 8c92c4aad1
commit f911a9fbef
No known key found for this signature in database
GPG key ID: 4C614C6ED2CDE6DF
2 changed files with 9 additions and 0 deletions

View file

@ -379,6 +379,9 @@ class ThemingController extends Controller {
} }
$response = new FileDisplayResponse($file); $response = new FileDisplayResponse($file);
$csp = new Http\ContentSecurityPolicy();
$csp->allowInlineStyle();
$response->setContentSecurityPolicy($csp);
$response->cacheFor(3600); $response->cacheFor(3600);
$response->addHeader('Content-Type', $this->config->getAppValue($this->appName, $key . 'Mime', '')); $response->addHeader('Content-Type', $this->config->getAppValue($this->appName, $key . 'Mime', ''));
$response->addHeader('Content-Disposition', 'attachment; filename="' . $key . '"'); $response->addHeader('Content-Disposition', 'attachment; filename="' . $key . '"');

View file

@ -764,6 +764,9 @@ class ThemingControllerTest extends TestCase {
$expected->cacheFor(3600); $expected->cacheFor(3600);
$expected->addHeader('Content-Type', 'text/svg'); $expected->addHeader('Content-Type', 'text/svg');
$expected->addHeader('Content-Disposition', 'attachment; filename="logo"'); $expected->addHeader('Content-Disposition', 'attachment; filename="logo"');
$csp = new Http\ContentSecurityPolicy();
$csp->allowInlineStyle();
$expected->setContentSecurityPolicy($csp);
@$this->assertEquals($expected, $this->themingController->getImage('logo')); @$this->assertEquals($expected, $this->themingController->getImage('logo'));
} }
@ -789,6 +792,9 @@ class ThemingControllerTest extends TestCase {
->willReturn('image/png'); ->willReturn('image/png');
@$expected = new Http\FileDisplayResponse($file); @$expected = new Http\FileDisplayResponse($file);
$csp = new Http\ContentSecurityPolicy();
$csp->allowInlineStyle();
$expected->setContentSecurityPolicy($csp);
$expected->cacheFor(3600); $expected->cacheFor(3600);
$expected->addHeader('Content-Type', 'image/png'); $expected->addHeader('Content-Type', 'image/png');
$expected->addHeader('Content-Disposition', 'attachment; filename="background"'); $expected->addHeader('Content-Disposition', 'attachment; filename="background"');