wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
server/lib/private/legacy
History
Lukas Reschke fdcb8edd78
Add nonce also to legacy CSP 
Pages that do not use the AppFramework have its CSP inherited from `\OC_Response::addSecurityHeaders`. While those are not many anymore, there are some examples such as the "Help" page.

To stay completely backwards-compatible we should also add the nonce to the legacy CSP response.

To test that open your browser console and open the help page. Without this you will get a JS error. With this you won't.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-26 09:41:18 +02:00
..
db Update with robin 2016-07-21 18:13:58 +02:00
group Update with robin 2016-07-21 18:13:58 +02:00
l10n Fix others 2016-07-21 18:13:57 +02:00
ocs Remove unused private classes 2016-08-18 09:37:11 +02:00
template Fix others 2016-07-21 18:13:57 +02:00
user Fix others 2016-07-21 18:13:57 +02:00
api.php prevent infinite redirect loops if the there is no 2fa provider to pass 2016-08-24 10:49:23 +02:00
app.php App dependencies are now analysed on app enable as well - not only on app install. 2016-10-24 15:59:46 +02:00
db.php Kill update simulation 2016-09-27 18:43:53 +02:00
defaults.php Update with robin 2016-07-21 18:13:58 +02:00
eventsource.php Update with robin 2016-07-21 18:13:58 +02:00
filechunking.php Update with robin 2016-07-21 18:13:58 +02:00
files.php Update with robin 2016-07-21 18:13:58 +02:00
group.php Update with robin 2016-07-21 18:13:58 +02:00
helper.php Remove checks whether OC is running on Windows pt. 2 2016-10-24 16:12:17 +02:00
hook.php Update with robin 2016-07-21 18:13:58 +02:00
image.php Some cleanup within OC_Image (#25875) 2016-08-29 14:31:59 +02:00
json.php prevent infinite redirect loops if the there is no 2fa provider to pass 2016-08-24 10:49:23 +02:00
l10n.php Update with robin 2016-07-21 18:13:58 +02:00
ocs.php Return 404 on v2.php when the app is disabled 2016-09-22 12:18:40 +02:00
response.php Add nonce also to legacy CSP 2016-10-26 09:41:18 +02:00
template.php Merge pull request #1452 from nextcloud/appconfig-endpoint 2016-10-25 10:57:48 +02:00
user.php Update with robin 2016-07-21 18:13:58 +02:00
util.php Remove checks whether OC is running on Windows pt. 2 2016-10-24 16:12:17 +02:00