diff options
author | Julius Härtl <jus@bitgrid.net> | 2019-08-16 14:48:38 +0300 |
---|---|---|
committer | Julius Härtl <jus@bitgrid.net> | 2019-08-27 19:42:13 +0300 |
commit | f65eddfaa11cc726ce4aed70c9b05ab32369a24b (patch) | |
tree | 8cbead7bdca3b0f2b1edc0b8f1fd05522c5233c5 /appinfo | |
parent | 9b3fb584fb1c9fb7ce506a0797f061be07320833 (diff) |
Move CSP handling to method
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'appinfo')
-rw-r--r-- | appinfo/app.php | 50 |
1 files changed, 1 insertions, 49 deletions
diff --git a/appinfo/app.php b/appinfo/app.php index 0e630bf8..cbbf745c 100644 --- a/appinfo/app.php +++ b/appinfo/app.php @@ -22,10 +22,7 @@ namespace OCA\Richdocuments\AppInfo; -use OC\Security\CSP\ContentSecurityPolicy; -use OCA\Federation\TrustedServers; use OCA\Richdocuments\PermissionManager; -use OCA\Richdocuments\Service\FederationService; $currentUser = \OC::$server->getUserSession()->getUser(); if($currentUser !== null) { @@ -64,51 +61,6 @@ if (class_exists('\OC\Files\Type\TemplateManager')) { } -// Whitelist the public wopi URL for iframes, required for Firefox -$publicWopiUrl = \OC::$server->getConfig()->getAppValue('richdocuments', 'public_wopi_url', ''); -$publicWopiUrl = $publicWopiUrl === '' ? \OC::$server->getConfig()->getAppValue('richdocuments', 'wopi_url') : $publicWopiUrl; -if ($publicWopiUrl !== '') { - $manager = \OC::$server->getContentSecurityPolicyManager(); - $policy = new ContentSecurityPolicy(); - $policy->addAllowedFrameDomain($publicWopiUrl); - if (method_exists($policy, 'addAllowedFormActionDomain')) { - $policy->addAllowedFormActionDomain($publicWopiUrl); - } - // TODO: remove this once figured out how to allow redirects with a frame-src nonce - $policy->addAllowedFrameDomain('https://nextcloud2.local.dev.bitgrid.net'); - $manager->addDefaultPolicy($policy); -} - -$path = ''; -try { - $path = \OC::$server->getRequest()->getPathInfo(); -} catch (\Exception $e) {} -if ($path === '/apps/files/') { - /** @var FederationService $federationService */ - $federationService = \OC::$server->query(FederationService::class); - $remoteAccess = \OC::$server->getRequest()->getParam('richdocuments_remote_access'); - /** @var TrustedServers $trustedServers */ - $trustedServers = \OC::$server->query(TrustedServers::class); - - /* - * if ($remoteAccess && $trustedServers->isTrustedServer($remoteAccess)) { - $remoteCollabora = $federationService->getRemoteCollaboraURL($remoteAccess); - $policy->addAllowedFrameDomain($remoteAccess); - $policy->addAllowedFrameDomain($remoteCollabora); - } - - // TODO remove as this doesn't scale - // better try to reload with csp set - foreach ($trustedServers->getServers() as $server) { - $remoteCollabora = $federationService->getRemoteCollaboraURL($server['url']); - if ($remoteCollabora !== '') { - $policy->addAllowedFrameDomain($server['url']); - $policy->addAllowedFrameDomain($remoteCollabora); - } - } - $manager->addDefaultPolicy($policy); - */ -} - $app = new Application(); $app->registerProvider(); +$app->updateCSP(); |