author | sualko <klaus@jsxc.org> | 2019-05-21 14:56:59 +0300 |
---|---|---|
committer | sualko <klaus@jsxc.org> | 2019-08-22 14:04:32 +0300 |
commit | e78ae6f97730c9f073d0180784243b04012e2fbf (patch) | |
tree | d23200a452275ad739de6c0a4a372c5ff929304e | |
parent | 8c5d5334e104d5cfd7d45ce3475efaa7de7e096e (diff) |
fix: csp for NC 16
add self to csp if matomo is running on the same host
related to #30, obsoletes #70
-rwxr-xr-x | appinfo/app.php | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/appinfo/app.php b/appinfo/app.php index 7409a8c..158a84c 100755 --- a/appinfo/app.php +++ b/appinfo/app.php @@ -10,18 +10,24 @@ if (!empty($url)) { ], '' ); + $allowedUrl = ' \'self\' '; $parseurl = parse_url($url); - $url = (isset($parseurl['host'])) ? $parseurl['host'] : false; - if (isset($parseurl['port'])) { - $url .= ':' . (string) $parseurl['port']; + + $isHostDifferent = isset($parseurl['host']) && array_key_exists('SERVER_NAME', $_SERVER) && $_SERVER['SERVER_NAME'] !== $parseurl['host']; + $isPortDifferent = isset($parseurl['port']) && array_key_exists('SERVER_PORT', $_SERVER) && $_SERVER['SERVER_PORT'] !== $parseurl['port']; + + if ($isHostDifferent || $isPortDifferent) { + $allowedUrl = $parseurl['host']; + + if (isset($parseurl['port'])) { + $allowedUrl .= ':' . (string) $parseurl['port']; + } } + $policy = new OCP\AppFramework\Http\ContentSecurityPolicy(); - if ($url !== false && array_key_exists('HTTP_HOST', $_SERVER) - && $_SERVER['HTTP_HOST'] !== $url && !empty($url)) { - $policy->addAllowedScriptDomain($url); - $policy->addAllowedImageDomain($url); + $policy->addAllowedScriptDomain($allowedUrl); + $policy->addAllowedImageDomain($allowedUrl); - \OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy); - } + \OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy); } |
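Review bot: The `$isPortDifferent` test compares `$_SERVER['SERVER_PORT']` with `$parseurl['port']` using `!==`, but `parse_url()` returns the port as an int while `$_SERVER` values are normally strings, so the test is true whenever the Matomo URL carries an explicit port, even the server's own. In that case the branch emits `host:port` instead of `'self'`, which is the same-host case this commit set out to handle; casting first would fix it: `(int) $_SERVER['SERVER_PORT'] !== $parseurl['port']`. The branch also reads `$parseurl['host']` when only the port test fired, so the condition would be safer as `if (isset($parseurl['host']) && ($isHostDifferent || $isPortDifferent)) {`. Separately, behind a reverse proxy `SERVER_NAME` and `SERVER_PORT` may describe the backend rather than the public origin, so a short comment stating that a mismatch only results in the configured Matomo host being allow-listed explicitly would help the next reader. The enclosing `if (!empty($url))` block starts above the hunk.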