Merge pull request #1321 from owncloud/csp-fixes

Files: CSP fixes
2013-01-28 00:29:46 -08:00 · 2013-01-28 00:29:46 -08:00 · 31d83fddc4
parent 44d6ff61e2 2e42c6f54f
commit 31d83fddc4
11 changed files with 12 additions and 46 deletions
--- a/apps/files/admin.php
+++ b/apps/files/admin.php
@ -21,10 +21,6 @@
 *
 */

-
-// Init owncloud
-
-
 OCP\User::checkAdminUser();

 $htaccessWorking=(getenv('htaccessWorking')=='true');
--- a/apps/files/appinfo/routes.php
+++ b/apps/files/appinfo/routes.php
@ -8,7 +8,4 @@

 $this->create('download', 'download{file}')
 	->requirements(array('file' => '.*'))
-	->actionInclude('files/download.php');
-// oC JS config
-$this->create('publicListView', 'js/publiclistview.js')
-	->actionInclude('files/js/publiclistview.php');
+	->actionInclude('files/download.php');
--- a/apps/files/download.php
+++ b/apps/files/download.php
@ -21,9 +21,6 @@
 *
 */

-// Init owncloud
-
-
 // Check if we are a user
 OCP\User::checkLoggedIn();

--- a/apps/files/index.php
+++ b/apps/files/index.php
@ -76,6 +76,7 @@ $list = new OCP\Template('files', 'part.list', '');
 $list->assign('files', $files, false);
 $list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
 $list->assign('downloadURL', OCP\Util::linkTo('files', 'download.php') . '?file=', false);
+$list->assign('disableSharing', false);
 $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '');
 $breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
 $breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
--- a/apps/files/js/publiclistview.php
+++ b/apps/files/js/publiclistview.php
@ -1,20 +0,0 @@
-<?php
-/**
- * Copyright (c) 2013 Lukas Reschke <lukas@statuscode.ch>
- * This file is licensed under the Affero General Public License version 3 or
- * later.
- * See the COPYING-README file.
- */
-
-// Set the content type to Javascript
-header("Content-type: text/javascript");
-
-// Disallow caching
-header("Cache-Control: no-cache, must-revalidate"); 
-header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); 
-
-if ( array_key_exists('disableSharing', $_) && $_['disableSharing'] == true )  {
-	echo "var disableSharing = true;";
-} else {
-	echo "var disableSharing = false;";
-}
--- a/apps/files/settings.php
+++ b/apps/files/settings.php
@ -21,10 +21,6 @@
 *
 */

-
-// Init owncloud
-
-
 // Check if we are a user
 OCP\User::checkLoggedIn();

--- a/apps/files/templates/part.list.php
+++ b/apps/files/templates/part.list.php
@ -1,4 +1,4 @@
-<script type="text/javascript" src="<?php echo OC_Helper::linkToRoute('publicListView');?>"></script>
+<input type="hidden" id="disableSharing" data-status="<?php echo $_['disableSharing']; ?>">

 <?php foreach($_['files'] as $file):
 	$simple_file_size = OCP\simple_file_size($file['size']);
--- a/apps/files_sharing/js/share.js
+++ b/apps/files_sharing/js/share.js
@ -1,5 +1,7 @@
 $(document).ready(function() {

+	var disableSharing = $('#disableSharing').data('status');
+
 	if (typeof OC.Share !== 'undefined' && typeof FileActions !== 'undefined'  && !disableSharing) {

 		FileActions.register('all', 'Share', OC.PERMISSION_READ, OC.imagePath('core', 'actions/share'), function(filename) {
--- a/apps/files_sharing/templates/public.php
+++ b/apps/files_sharing/templates/public.php
@ -1,5 +1,3 @@
-<script type="text/javascript" src="<?php echo OC_Helper::linkToRoute('publicListView');?>"></script>
-
 <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
 <input type="hidden" name="downloadURL" value="<?php echo $_['downloadURL'] ?>" id="downloadURL">
 <input type="hidden" name="filename" value="<?php echo $_['filename'] ?>" id="filename">
--- a/core/js/config.php
+++ b/core/js/config.php
@ -17,11 +17,15 @@ header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
 $l = OC_L10N::get('core');

 // Get the config
-$debug = (defined('DEBUG') && DEBUG) ? 'true' : 'false';
+$apps_paths = array();
+foreach(OC_App::getEnabledApps() as $app) {
+	$apps_paths[$app] = OC_App::getAppWebPath($app);
+}
+
 $array = array(
-	"oc_debug" => $debug,
+	"oc_debug" => (defined('DEBUG') && DEBUG) ? 'true' : 'false',
 	"oc_webroot" => "\"".OC::$WEBROOT."\"",
-	"oc_appswebroots" =>  "\"".$_['apps_paths']. "\"", 
+	"oc_appswebroots" =>  str_replace('\\/', '/', json_encode($apps_paths)), // Ugly unescape slashes waiting for better solution
 	"oc_current_user" =>  "\"".OC_User::getUser(). "\"",
 	"oc_requesttoken" =>  "\"".OC_Util::callRegister(). "\"",
 	"datepickerFormatDate" => json_encode($l->l('jsdate', 'jsdate')),
--- a/lib/templatelayout.php
+++ b/lib/templatelayout.php
@ -28,11 +28,6 @@ class OC_TemplateLayout extends OC_Template {
 					break;
 				}
 			}
-			$apps_paths = array();
-			foreach(OC_App::getEnabledApps() as $app) {
-				$apps_paths[$app] = OC_App::getAppWebPath($app);
-			}
-			$this->assign( 'apps_paths', str_replace('\\/', '/', json_encode($apps_paths)), false ); // Ugly unescape slashes waiting for better solution
 		} else if ($renderas == 'guest') {
 			parent::__construct('core', 'layout.guest');
 		} else {