Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/richdocuments.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/AppInfo/Application.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/AppInfo/Application.php')
-rw-r--r--lib/AppInfo/Application.php16
1 files changed, 9 insertions, 7 deletions
diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php
index 67a08000..c768dcd8 100644
--- a/lib/AppInfo/Application.php
+++ b/lib/AppInfo/Application.php
@@ -198,6 +198,12 @@ class Application extends App implements IBootstrap {
public function updateCSP() {
$container = $this->getContainer();
+ // Do not apply CSP rules on WebDAV/OCS
+ // Ideally this could be a middleware running after the controller execution before rendering the result to only do it on page response
+ if ($container->getServer()->getRequest()->getScriptName() !== '/index.php') {
+ return;
+ }
+
$publicWopiUrl = $container->getServer()->getConfig()->getAppValue('richdocuments', 'public_wopi_url', '');
$publicWopiUrl = $publicWopiUrl === '' ? \OC::$server->getConfig()->getAppValue('richdocuments', 'wopi_url') : $publicWopiUrl;
$cspManager = $container->getServer()->getContentSecurityPolicyManager();
@@ -213,11 +219,7 @@ class Application extends App implements IBootstrap {
/**
* Dynamically add CSP for federated editing
*/
- $path = '';
- try {
- $path = $container->getServer()->getRequest()->getPathInfo();
- } catch (\Exception $e) {}
- if ((strpos($path, '/apps/files/') === 0 || strpos($path, '/s/') === 0) && $container->getServer()->getAppManager()->isEnabledForUser('federation')) {
+ if ($container->getServer()->getAppManager()->isEnabledForUser('federation')) {
/** @var FederationService $federationService */
$federationService = \OC::$server->query(FederationService::class);
@@ -227,6 +229,7 @@ class Application extends App implements IBootstrap {
if ($globalScale->isGlobalScaleEnabled()) {
$trustedList = \OC::$server->getConfig()->getSystemValue('gs.trustedHosts', []);
foreach ($trustedList as $server) {
+ $policy->addAllowedFrameDomain($server);
$this->addTrustedRemote($policy, $server);
}
}
@@ -241,8 +244,7 @@ class Application extends App implements IBootstrap {
}
private function addTrustedRemote($policy, $url) {
- /** @var FederationService $federationService */
- $federationService = \OC::$server->query(FederationService::class);
+ $federationService = \OC::$server->get(FederationService::class);
try {
$remoteCollabora = $federationService->getRemoteCollaboraURL($url);
$policy->addAllowedFrameDomain($url);
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-23 16:15:27 +0300