From cc4a12dca09dc0b9263d92026de1247d5151cbce Mon Sep 17 00:00:00 2001
From: Alexandre Roux D'Anzi
Date: Tue, 11 Jan 2022 22:24:13 +0100
Subject: put carnet in a frame to avoid conflicting css
---
 lib/Controller/PageController.php | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)
(limited to 'lib')
diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php
index 9aa126b..e3f758a 100755
--- a/lib/Controller/PageController.php
+++ b/lib/Controller/PageController.php
@@ -17,6 +17,32 @@ class PageController extends Controller {
 $this->config = $Config;
 }
+ /**
+ * CAUTION: the @Stuff turns off security checks; for this page no admin is
+ * required and no CSRF check. If you don't know what CSRF is, read
+ * it up in the docs or you might create a security hole. This is
+ * basically the only required method to add this exemption, don't
+ * add it to any other method if you don't exactly know what it does
+ *
+ * @NoAdminRequired
+ * @NoCSRFRequired
+ */
+ public function browser() {
+ $parameters = [
+ 'nc_version' => \OCP\Util::getVersion()[0],
+ 'carnet_display_fullscreen' => $this->config->getAppValue('carnet', 'carnetDisplayFullscreen', 'no'),
+ 'app_version' => App::getAppInfo($this->appName)['version'],
+ ];
+ $response = new TemplateResponse($this->appName,"browser",$parameters);
+ $response->renderAs("blank");
+ $policy = new ContentSecurityPolicy();
+ $policy->addAllowedFrameDomain('\'self\'');
+ $policy->addAllowedFrameDomain('data:');
+
+ $response->setContentSecurityPolicy($policy); // allow iframe
+ return $response;
+ }
+
 /**
 * CAUTION: the @Stuff turns off security checks; for this page no admin is
 * required and no CSRF check. If you don't know what CSRF is, read
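Review bot: The new `browser()` action copies `index()`'s content security policy wholesale, so the framed page also allows `frame-src 'self' data:`; nothing in this hunk shows the "browser" template embedding frames of its own, and `data:` is a broad source to allow without a stated reason. If that template does not load `data:` frames, drop `$policy->addAllowedFrameDomain('data:');` from `browser()` and keep only the sources the page actually needs. The copied docblock is also no longer accurate, since "basically the only required method to add this exemption" now sits on two methods. I would replace it here with a short comment such as `// Rendered inside the iframe created by index(); fetched via GET, hence @NoCSRFRequired.`, assuming that is how the page is reached (the index template is not visible in this patch).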
@@ -34,12 +60,10 @@ class PageController extends Controller {
 'app_version' => App::getAppInfo($this->appName)['version'],
 ];
 $response = new TemplateResponse($this->appName,"index",$parameters);
- if($this->config->getAppValue('carnet', 'carnetDisplayFullscreen', 'no') === "yes")
- $response->renderAs("blank");
 $policy = new ContentSecurityPolicy();
 $policy->addAllowedFrameDomain('\'self\'');
 $policy->addAllowedFrameDomain('data:');
-
+
 $response->setContentSecurityPolicy($policy); // allow iframe
 return $response;
 }
--
cgit v1.2.3