From b28469bfb07cc636b09ffecb0f452582bd2fc66d Mon Sep 17 00:00:00 2001 From: Corentin Mors Date: Fri, 16 Oct 2020 17:54:54 +0200 Subject: Instant feel Signed-off-by: Corentin Mors --- lib/Controller/ApiController.php | 20 ++++++++++++++++++++ lib/Controller/PageController.php | 7 +++++++ 2 files changed, 27 insertions(+) (limited to 'lib') diff --git a/lib/Controller/ApiController.php b/lib/Controller/ApiController.php index 84566e5c..0b247249 100644 --- a/lib/Controller/ApiController.php +++ b/lib/Controller/ApiController.php @@ -29,6 +29,8 @@ use OCA\Photos\AppInfo\Application; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\JSONResponse; +use OCP\AppFramework\Http\StreamResponse; +use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\IConfig; use OCP\IRequest; use OCP\IUserSession; @@ -70,4 +72,22 @@ class ApiController extends Controller { $this->config->setUserValue($userId, Application::APP_ID, $key, $value); return new JSONResponse([], Http::STATUS_OK); } + + /** + * @NoAdminRequired + * @NoCSRFRequired + */ + public function serviceWorker() { + $response = new StreamResponse(__DIR__.'/../../js/photos-service-worker.js'); + $response->setHeaders([ + 'Content-Type' => 'application/javascript', + 'Service-Worker-Allowed' => '/' + ]); + $policy = new ContentSecurityPolicy(); + $policy->addAllowedWorkerSrcDomain("'self'"); + $policy->addAllowedScriptDomain("'self'"); + $policy->addAllowedConnectDomain("'self'"); + $response->setContentSecurityPolicy($policy); + return $response; + } } diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php index 7422b56f..4fbc9599 100644 --- a/lib/Controller/PageController.php +++ b/lib/Controller/PageController.php @@ -31,6 +31,7 @@ use OCA\Viewer\Event\LoadViewer; use OCP\App\IAppManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\TemplateResponse; +use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\EventDispatcher\IEventDispatcher; use OCP\IConfig; use OCP\IInitialStateService; @@ -91,6 +92,12 @@ class PageController extends Controller { Util::addStyle(Application::APP_ID, 'icons'); $response = new TemplateResponse(Application::APP_ID, 'main'); + + $policy = new ContentSecurityPolicy(); + $policy->addAllowedWorkerSrcDomain("'self'"); + $policy->addAllowedScriptDomain("'self'"); + $response->setContentSecurityPolicy($policy); + return $response; } } -- cgit v1.2.3