diff options
author | sualko <klaus@jsxc.org> | 2018-03-31 12:05:35 +0300 |
---|---|---|
committer | sualko <klaus@jsxc.org> | 2018-03-31 12:05:35 +0300 |
commit | e18cfc54296d0d902347f0ce50b0cd77ca2bf02b (patch) | |
tree | f54e295e30875ad6d480cef9130dba8d675b3ef3 | |
parent | c067f648a94b51b99583c9f3601d96bfe00d3131 (diff) |
add only non-empty url to csp (fix #49)
-rwxr-xr-x | appinfo/app.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/appinfo/app.php b/appinfo/app.php index 88be2a4..8ded64a 100755 --- a/appinfo/app.php +++ b/appinfo/app.php @@ -1,5 +1,5 @@ <?php -$url = \OC::$server->getConfig()->getAppValue('piwik', 'url'); +$url = \OC::$server->getConfig()->getAppValue('piwik', 'url'); if (!empty($url)) { OCP\Util::addScript('piwik', 'track'); @@ -11,7 +11,8 @@ if (!empty($url)) { $policy->addAllowedScriptDomain('\'self\' '); $policy->addAllowedImageDomain('\'self\' '); - if ($url !== false && array_key_exists('HTTP_HOST', $_SERVER) && $_SERVER['HTTP_HOST'] !== $url) { + if ($url !== false && array_key_exists('HTTP_HOST', $_SERVER) + && $_SERVER['HTTP_HOST'] !== $url && !empty($url)) { $policy->addAllowedScriptDomain($url); $policy->addAllowedImageDomain($url); } |