blob: 30310cdcc1174d7d8a8f3c569ab203a98b9ddefb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OCA\Files_PdfViewer\Controller;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IRequest;
use OCP\IURLGenerator;
class DisplayController extends Controller {
/** @var IURLGenerator */
private $urlGenerator;
/**
* @param string $AppName
* @param IRequest $request
* @param IURLGenerator $urlGenerator
*/
public function __construct($AppName,
IRequest $request,
IURLGenerator $urlGenerator) {
parent::__construct($AppName, $request);
$this->urlGenerator = $urlGenerator;
}
/**
* @PublicPage
* @NoCSRFRequired
*
* @return TemplateResponse
*/
public function showPdfViewer() {
$params = [
'urlGenerator' => $this->urlGenerator
];
$response = new TemplateResponse($this->appName, 'viewer', $params, 'blank');
$policy = new ContentSecurityPolicy();
$policy->addAllowedChildSrcDomain('\'self\'');
$policy->addAllowedFontDomain('data:');
$policy->addAllowedImageDomain('*');
$policy->allowEvalScript(false);
$response->setContentSecurityPolicy($policy);
return $response;
}
}
|