mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update comment to reflect current CSP policy 

JS unsafe-eval was removed a long time ago in https://github.com/nextcloud/server/pull/11028
This commit is contained in:
Thomas Citharel 2020-12-12 21:11:42 +01:00 committed by GitHub
parent 5644795813
commit 71cf92697c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/public/AppFramework/Http/ContentSecurityPolicy.php
View File

@ -36,7 +36,7 @@ namespace OCP\AppFramework\Http;
* notice that Nextcloud ships already with sensible defaults and those policies
* should require no modification at all for most use-cases.
*
* This class allows unsafe-eval of javascript and unsafe-inline of CSS.
* This class allows unsafe-inline of CSS.
*
* @since 8.1.0
*/