Merge pull request #1917 from nextcloud/ocjs_inline
Inline oc.js when possible!
This commit is contained in:
Morris Jobke
GitHub
commit
9a70c137d2
|
|
@ -0,0 +1,92 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2016, Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
namespace OC\Core\Controller;
|
||||
|
||||
use bantu\IniGetWrapper\IniGetWrapper;
|
||||
use OC\Template\JSConfigHelper;
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataDisplayResponse;
|
||||
use OCP\IConfig;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\IL10N;
|
||||
use OCP\IRequest;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\IUserSession;
|
||||
|
||||
class OCJSController extends Controller {
|
||||
|
||||
/** @var JSConfigHelper */
|
||||
private $helper;
|
||||
|
||||
/**
|
||||
* OCJSController constructor.
|
||||
*
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param IL10N $l
|
||||
* @param \OC_Defaults $defaults
|
||||
* @param IAppManager $appManager
|
||||
* @param IUserSession $session
|
||||
* @param IConfig $config
|
||||
* @param IGroupManager $groupManager
|
||||
* @param IniGetWrapper $iniWrapper
|
||||
* @param IURLGenerator $urlGenerator
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
IL10N $l,
|
||||
\OC_Defaults $defaults,
|
||||
IAppManager $appManager,
|
||||
IUserSession $session,
|
||||
IConfig $config,
|
||||
IGroupManager $groupManager,
|
||||
IniGetWrapper $iniWrapper,
|
||||
IURLGenerator $urlGenerator) {
|
||||
parent::__construct($appName, $request);
|
||||
|
||||
$this->helper = new JSConfigHelper(
|
||||
$l,
|
||||
$defaults,
|
||||
$appManager,
|
||||
$session->getUser(),
|
||||
$config,
|
||||
$groupManager,
|
||||
$iniWrapper,
|
||||
$urlGenerator
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @NoCSRFRequired
|
||||
* @PublicPage
|
||||
*
|
||||
* @return DataDisplayResponse
|
||||
*/
|
||||
public function getConfig() {
|
||||
$data = $this->helper->getConfig();
|
||||
|
||||
return new DataDisplayResponse($data, Http::STATUS_OK, ['Content-type' => 'text/javascript']);
|
||||
}
|
||||
}
|
||||
|
|
@ -51,6 +51,7 @@ $application->registerRoutes($this, [
|
|||
['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
|
||||
['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
|
||||
['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
|
||||
['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
|
||||
],
|
||||
'ocs' => [
|
||||
['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
|
||||
|
|
@ -66,9 +67,6 @@ $application->registerRoutes($this, [
|
|||
// Search
|
||||
$this->create('search_ajax_search', '/core/search')
|
||||
->actionInclude('core/search/ajax/search.php');
|
||||
// oC JS config
|
||||
$this->create('js_config', '/core/js/oc.js')
|
||||
->actionInclude('core/js/config.php');
|
||||
// Routing
|
||||
$this->create('core_ajax_preview', '/core/preview')
|
||||
->actionInclude('core/ajax/preview.php');
|
||||
|
|
|
|||
|
|
@ -18,6 +18,11 @@
|
|||
<?php foreach($_['printcssfiles'] as $cssfile): ?>
|
||||
<link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" media="print">
|
||||
<?php endforeach; ?>
|
||||
<?php if (isset($_['inline_ocjs'])): ?>
|
||||
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" type="text/javascript">
|
||||
<?php print_unescaped($_['inline_ocjs']); ?>
|
||||
</script>
|
||||
<?php endif; ?>
|
||||
<?php foreach ($_['jsfiles'] as $jsfile): ?>
|
||||
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" src="<?php print_unescaped($jsfile); ?>"></script>
|
||||
<?php endforeach; ?>
|
||||
|
|
|
|||
|
|
@ -19,6 +19,11 @@
|
|||
<?php foreach($_['printcssfiles'] as $cssfile): ?>
|
||||
<link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" media="print">
|
||||
<?php endforeach; ?>
|
||||
<?php if (isset($_['inline_ocjs'])): ?>
|
||||
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" type="text/javascript">
|
||||
<?php print_unescaped($_['inline_ocjs']); ?>
|
||||
</script>
|
||||
<?php endif; ?>
|
||||
<?php foreach($_['jsfiles'] as $jsfile): ?>
|
||||
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" src="<?php print_unescaped($jsfile); ?>"></script>
|
||||
<?php endforeach; ?>
|
||||
|
|
|
|||
|
|
@ -26,6 +26,11 @@
|
|||
<?php foreach($_['printcssfiles'] as $cssfile): ?>
|
||||
<link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" media="print">
|
||||
<?php endforeach; ?>
|
||||
<?php if (isset($_['inline_ocjs'])): ?>
|
||||
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" type="text/javascript">
|
||||
<?php print_unescaped($_['inline_ocjs']); ?>
|
||||
</script>
|
||||
<?php endif; ?>
|
||||
<?php foreach($_['jsfiles'] as $jsfile): ?>
|
||||
<script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>" src="<?php print_unescaped($jsfile); ?>"></script>
|
||||
<?php endforeach; ?>
|
||||
|
|
|
|||
|
|
@ -402,6 +402,7 @@ return array(
|
|||
'OC\\Core\\Controller\\AvatarController' => $baseDir . '/core/Controller/AvatarController.php',
|
||||
'OC\\Core\\Controller\\LoginController' => $baseDir . '/core/Controller/LoginController.php',
|
||||
'OC\\Core\\Controller\\LostController' => $baseDir . '/core/Controller/LostController.php',
|
||||
'OC\\Core\\Controller\\OCJSController' => $baseDir . '/core/Controller/OCJSController.php',
|
||||
'OC\\Core\\Controller\\OCSController' => $baseDir . '/core/Controller/OCSController.php',
|
||||
'OC\\Core\\Controller\\SetupController' => $baseDir . '/core/Controller/SetupController.php',
|
||||
'OC\\Core\\Controller\\TwoFactorChallengeController' => $baseDir . '/core/Controller/TwoFactorChallengeController.php',
|
||||
|
|
@ -752,6 +753,7 @@ return array(
|
|||
'OC\\TemplateLayout' => $baseDir . '/lib/private/TemplateLayout.php',
|
||||
'OC\\Template\\Base' => $baseDir . '/lib/private/Template/Base.php',
|
||||
'OC\\Template\\CSSResourceLocator' => $baseDir . '/lib/private/Template/CSSResourceLocator.php',
|
||||
'OC\\Template\\JSConfigHelper' => $baseDir . '/lib/private/Template/JSConfigHelper.php',
|
||||
'OC\\Template\\JSResourceLocator' => $baseDir . '/lib/private/Template/JSResourceLocator.php',
|
||||
'OC\\Template\\ResourceLocator' => $baseDir . '/lib/private/Template/ResourceLocator.php',
|
||||
'OC\\Template\\ResourceNotFoundException' => $baseDir . '/lib/private/Template/ResourceNotFoundException.php',
|
||||
|
|
|
|||
|
|
@ -432,6 +432,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
|
|||
'OC\\Core\\Controller\\AvatarController' => __DIR__ . '/../../..' . '/core/Controller/AvatarController.php',
|
||||
'OC\\Core\\Controller\\LoginController' => __DIR__ . '/../../..' . '/core/Controller/LoginController.php',
|
||||
'OC\\Core\\Controller\\LostController' => __DIR__ . '/../../..' . '/core/Controller/LostController.php',
|
||||
'OC\\Core\\Controller\\OCJSController' => __DIR__ . '/../../..' . '/core/Controller/OCJSController.php',
|
||||
'OC\\Core\\Controller\\OCSController' => __DIR__ . '/../../..' . '/core/Controller/OCSController.php',
|
||||
'OC\\Core\\Controller\\SetupController' => __DIR__ . '/../../..' . '/core/Controller/SetupController.php',
|
||||
'OC\\Core\\Controller\\TwoFactorChallengeController' => __DIR__ . '/../../..' . '/core/Controller/TwoFactorChallengeController.php',
|
||||
|
|
@ -782,6 +783,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
|
|||
'OC\\TemplateLayout' => __DIR__ . '/../../..' . '/lib/private/TemplateLayout.php',
|
||||
'OC\\Template\\Base' => __DIR__ . '/../../..' . '/lib/private/Template/Base.php',
|
||||
'OC\\Template\\CSSResourceLocator' => __DIR__ . '/../../..' . '/lib/private/Template/CSSResourceLocator.php',
|
||||
'OC\\Template\\JSConfigHelper' => __DIR__ . '/../../..' . '/lib/private/Template/JSConfigHelper.php',
|
||||
'OC\\Template\\JSResourceLocator' => __DIR__ . '/../../..' . '/lib/private/Template/JSResourceLocator.php',
|
||||
'OC\\Template\\ResourceLocator' => __DIR__ . '/../../..' . '/lib/private/Template/ResourceLocator.php',
|
||||
'OC\\Template\\ResourceNotFoundException' => __DIR__ . '/../../..' . '/lib/private/Template/ResourceNotFoundException.php',
|
||||
|
|
|
|||
|
|
@ -380,7 +380,8 @@ class DIContainer extends SimpleContainer implements IAppContainer {
|
|||
$app->isLoggedIn(),
|
||||
$app->isAdminUser(),
|
||||
$app->getServer()->getContentSecurityPolicyManager(),
|
||||
$app->getServer()->getCsrfTokenManager()
|
||||
$app->getServer()->getCsrfTokenManager(),
|
||||
$app->getServer()->getContentSecurityPolicyNonceManager()
|
||||
);
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ use OC\AppFramework\Middleware\Security\Exceptions\NotLoggedInException;
|
|||
use OC\AppFramework\Middleware\Security\Exceptions\StrictCookieMissingException;
|
||||
use OC\AppFramework\Utility\ControllerMethodReflector;
|
||||
use OC\Security\CSP\ContentSecurityPolicyManager;
|
||||
use OC\Security\CSP\ContentSecurityPolicyNonceManager;
|
||||
use OC\Security\CSRF\CsrfTokenManager;
|
||||
use OCP\AppFramework\Http\ContentSecurityPolicy;
|
||||
use OCP\AppFramework\Http\EmptyContentSecurityPolicy;
|
||||
|
|
@ -80,6 +81,8 @@ class SecurityMiddleware extends Middleware {
|
|||
private $contentSecurityPolicyManager;
|
||||
/** @var CsrfTokenManager */
|
||||
private $csrfTokenManager;
|
||||
/** @var ContentSecurityPolicyNonceManager */
|
||||
private $cspNonceManager;
|
||||
|
||||
/**
|
||||
* @param IRequest $request
|
||||
|
|
@ -92,6 +95,7 @@ class SecurityMiddleware extends Middleware {
|
|||
* @param bool $isAdminUser
|
||||
* @param ContentSecurityPolicyManager $contentSecurityPolicyManager
|
||||
* @param CSRFTokenManager $csrfTokenManager
|
||||
* @param ContentSecurityPolicyNonceManager $cspNonceManager
|
||||
*/
|
||||
public function __construct(IRequest $request,
|
||||
ControllerMethodReflector $reflector,
|
||||
|
|
@ -102,7 +106,8 @@ class SecurityMiddleware extends Middleware {
|
|||
$isLoggedIn,
|
||||
$isAdminUser,
|
||||
ContentSecurityPolicyManager $contentSecurityPolicyManager,
|
||||
CsrfTokenManager $csrfTokenManager) {
|
||||
CsrfTokenManager $csrfTokenManager,
|
||||
ContentSecurityPolicyNonceManager $cspNonceManager) {
|
||||
$this->navigationManager = $navigationManager;
|
||||
$this->request = $request;
|
||||
$this->reflector = $reflector;
|
||||
|
|
@ -113,6 +118,7 @@ class SecurityMiddleware extends Middleware {
|
|||
$this->isAdminUser = $isAdminUser;
|
||||
$this->contentSecurityPolicyManager = $contentSecurityPolicyManager;
|
||||
$this->csrfTokenManager = $csrfTokenManager;
|
||||
$this->cspNonceManager = $cspNonceManager;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -177,23 +183,6 @@ class SecurityMiddleware extends Middleware {
|
|||
|
||||
}
|
||||
|
||||
private function browserSupportsCspV3() {
|
||||
$browserWhitelist = [
|
||||
// Chrome 40+
|
||||
'/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[4-9][0-9].[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/',
|
||||
// Firefox 45+
|
||||
'/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/',
|
||||
// Safari 10+
|
||||
'/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/1[0-9.]+ Safari\/[0-9.A-Z]+$/',
|
||||
];
|
||||
|
||||
if($this->request->isUserAgent($browserWhitelist)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Performs the default CSP modifications that may be injected by other
|
||||
* applications
|
||||
|
|
@ -213,7 +202,7 @@ class SecurityMiddleware extends Middleware {
|
|||
$defaultPolicy = $this->contentSecurityPolicyManager->getDefaultPolicy();
|
||||
$defaultPolicy = $this->contentSecurityPolicyManager->mergePolicies($defaultPolicy, $policy);
|
||||
|
||||
if($this->browserSupportsCspV3()) {
|
||||
if($this->cspNonceManager->browserSupportsCspV3()) {
|
||||
$defaultPolicy->useJsNonce($this->csrfTokenManager->getToken()->getEncryptedValue());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@
|
|||
namespace OC\Security\CSP;
|
||||
|
||||
use OC\Security\CSRF\CsrfTokenManager;
|
||||
use OCP\IRequest;
|
||||
|
||||
/**
|
||||
* @package OC\Security\CSP
|
||||
|
|
@ -29,14 +30,19 @@ use OC\Security\CSRF\CsrfTokenManager;
|
|||
class ContentSecurityPolicyNonceManager {
|
||||
/** @var CsrfTokenManager */
|
||||
private $csrfTokenManager;
|
||||
/** @var IRequest */
|
||||
private $request;
|
||||
/** @var string */
|
||||
private $nonce = '';
|
||||
|
||||
/**
|
||||
* @param CsrfTokenManager $csrfTokenManager
|
||||
* @param IRequest $request
|
||||
*/
|
||||
public function __construct(CsrfTokenManager $csrfTokenManager) {
|
||||
public function __construct(CsrfTokenManager $csrfTokenManager,
|
||||
IRequest $request) {
|
||||
$this->csrfTokenManager = $csrfTokenManager;
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -51,4 +57,26 @@ class ContentSecurityPolicyNonceManager {
|
|||
|
||||
return $this->nonce;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the browser supports CSP v3
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function browserSupportsCspV3() {
|
||||
$browserWhitelist = [
|
||||
// Chrome 40+
|
||||
'/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[4-9][0-9].[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/',
|
||||
// Firefox 45+
|
||||
'/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/',
|
||||
// Safari 10+
|
||||
'/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/1[0-9.]+ Safari\/[0-9.A-Z]+$/',
|
||||
];
|
||||
|
||||
if($this->request->isUserAgent($browserWhitelist)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -711,7 +711,8 @@ class Server extends ServerContainer implements IServerContainer {
|
|||
});
|
||||
$this->registerService('ContentSecurityPolicyNonceManager', function(Server $c) {
|
||||
return new ContentSecurityPolicyNonceManager(
|
||||
$c->getCsrfTokenManager()
|
||||
$c->getCsrfTokenManager(),
|
||||
$c->getRequest()
|
||||
);
|
||||
});
|
||||
$this->registerService('ShareManager', function(Server $c) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,243 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2016, Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
namespace OC\Template;
|
||||
|
||||
use bantu\IniGetWrapper\IniGetWrapper;
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\IConfig;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\IL10N;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\IUser;
|
||||
|
||||
class JSConfigHelper {
|
||||
|
||||
/** @var IL10N */
|
||||
private $l;
|
||||
|
||||
/** @var \OC_Defaults */
|
||||
private $defaults;
|
||||
|
||||
/** @var IAppManager */
|
||||
private $appManager;
|
||||
|
||||
/** @var IUser */
|
||||
private $currentUser;
|
||||
|
||||
/** @var IConfig */
|
||||
private $config;
|
||||
|
||||
/** @var IGroupManager */
|
||||
private $groupManager;
|
||||
|
||||
/** @var IniGetWrapper */
|
||||
private $iniWrapper;
|
||||
|
||||
/** @var IURLGenerator */
|
||||
private $urlGenerator;
|
||||
|
||||
/**
|
||||
* @param IL10N $l
|
||||
* @param \OC_Defaults $defaults
|
||||
* @param IAppManager $appManager
|
||||
* @param IUser|null $currentUser
|
||||
* @param IConfig $config
|
||||
* @param IGroupManager $groupManager
|
||||
* @param IniGetWrapper $iniWrapper
|
||||
* @param IURLGenerator $urlGenerator
|
||||
*/
|
||||
public function __construct(IL10N $l,
|
||||
\OC_Defaults $defaults,
|
||||
IAppManager $appManager,
|
||||
$currentUser,
|
||||
IConfig $config,
|
||||
IGroupManager $groupManager,
|
||||
IniGetWrapper $iniWrapper,
|
||||
IURLGenerator $urlGenerator) {
|
||||
$this->l = $l;
|
||||
$this->defaults = $defaults;
|
||||
$this->appManager = $appManager;
|
||||
$this->currentUser = $currentUser;
|
||||
$this->config = $config;
|
||||
$this->groupManager = $groupManager;
|
||||
$this->iniWrapper = $iniWrapper;
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
}
|
||||
|
||||
public function getConfig() {
|
||||
|
||||
if ($this->currentUser !== null) {
|
||||
$uid = $this->currentUser->getUID();
|
||||
} else {
|
||||
$uid = null;
|
||||
}
|
||||
|
||||
// Get the config
|
||||
$apps_paths = [];
|
||||
|
||||
if ($this->currentUser === null) {
|
||||
$apps = $this->appManager->getInstalledApps();
|
||||
} else {
|
||||
$apps = $this->appManager->getEnabledAppsForUser($this->currentUser);
|
||||
}
|
||||
|
||||
foreach($apps as $app) {
|
||||
$apps_paths[$app] = \OC_App::getAppWebPath($app);
|
||||
}
|
||||
|
||||
$defaultExpireDateEnabled = $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no') === 'yes';
|
||||
$defaultExpireDate = $enforceDefaultExpireDate = null;
|
||||
if ($defaultExpireDateEnabled) {
|
||||
$defaultExpireDate = (int) $this->config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
|
||||
$enforceDefaultExpireDate = $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
|
||||
}
|
||||
$outgoingServer2serverShareEnabled = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';
|
||||
|
||||
$countOfDataLocation = 0;
|
||||
$dataLocation = str_replace(\OC::$SERVERROOT .'/', '', $this->config->getSystemValue('datadirectory', ''), $countOfDataLocation);
|
||||
if($countOfDataLocation !== 1 || !$this->groupManager->isAdmin($uid)) {
|
||||
$dataLocation = false;
|
||||
}
|
||||
|
||||
$array = [
|
||||
"oc_debug" => $this->config->getSystemValue('debug', false) ? 'true' : 'false',
|
||||
"oc_isadmin" => $this->groupManager->isAdmin($uid) ? 'true' : 'false',
|
||||
"oc_dataURL" => is_string($dataLocation) ? "\"".$dataLocation."\"" : 'false',
|
||||
"oc_webroot" => "\"".\OC::$WEBROOT."\"",
|
||||
"oc_appswebroots" => str_replace('\\/', '/', json_encode($apps_paths)), // Ugly unescape slashes waiting for better solution
|
||||
"datepickerFormatDate" => json_encode($this->l->l('jsdate', null)),
|
||||
"dayNames" => json_encode([
|
||||
(string)$this->l->t('Sunday'),
|
||||
(string)$this->l->t('Monday'),
|
||||
(string)$this->l->t('Tuesday'),
|
||||
(string)$this->l->t('Wednesday'),
|
||||
(string)$this->l->t('Thursday'),
|
||||
(string)$this->l->t('Friday'),
|
||||
(string)$this->l->t('Saturday')
|
||||
]),
|
||||
"dayNamesShort" => json_encode([
|
||||
(string)$this->l->t('Sun.'),
|
||||
(string)$this->l->t('Mon.'),
|
||||
(string)$this->l->t('Tue.'),
|
||||
(string)$this->l->t('Wed.'),
|
||||
(string)$this->l->t('Thu.'),
|
||||
(string)$this->l->t('Fri.'),
|
||||
(string)$this->l->t('Sat.')
|
||||
]),
|
||||
"dayNamesMin" => json_encode([
|
||||
(string)$this->l->t('Su'),
|
||||
(string)$this->l->t('Mo'),
|
||||
(string)$this->l->t('Tu'),
|
||||
(string)$this->l->t('We'),
|
||||
(string)$this->l->t('Th'),
|
||||
(string)$this->l->t('Fr'),
|
||||
(string)$this->l->t('Sa')
|
||||
]),
|
||||
"monthNames" => json_encode([
|
||||
(string)$this->l->t('January'),
|
||||
(string)$this->l->t('February'),
|
||||
(string)$this->l->t('March'),
|
||||
(string)$this->l->t('April'),
|
||||
(string)$this->l->t('May'),
|
||||
(string)$this->l->t('June'),
|
||||
(string)$this->l->t('July'),
|
||||
(string)$this->l->t('August'),
|
||||
(string)$this->l->t('September'),
|
||||
(string)$this->l->t('October'),
|
||||
(string)$this->l->t('November'),
|
||||
(string)$this->l->t('December')
|
||||
]),
|
||||
"monthNamesShort" => json_encode([
|
||||
(string)$this->l->t('Jan.'),
|
||||
(string)$this->l->t('Feb.'),
|
||||
(string)$this->l->t('Mar.'),
|
||||
(string)$this->l->t('Apr.'),
|
||||
(string)$this->l->t('May.'),
|
||||
(string)$this->l->t('Jun.'),
|
||||
(string)$this->l->t('Jul.'),
|
||||
(string)$this->l->t('Aug.'),
|
||||
(string)$this->l->t('Sep.'),
|
||||
(string)$this->l->t('Oct.'),
|
||||
(string)$this->l->t('Nov.'),
|
||||
(string)$this->l->t('Dec.')
|
||||
]),
|
||||
"firstDay" => json_encode($this->l->l('firstday', null)) ,
|
||||
"oc_config" => json_encode([
|
||||
'session_lifetime' => min($this->config->getSystemValue('session_lifetime', $this->iniWrapper->getNumeric('session.gc_maxlifetime')), $this->iniWrapper->getNumeric('session.gc_maxlifetime')),
|
||||
'session_keepalive' => $this->config->getSystemValue('session_keepalive', true),
|
||||
'version' => implode('.', \OCP\Util::getVersion()),
|
||||
'versionstring' => \OC_Util::getVersionString(),
|
||||
'enable_avatars' => $this->config->getSystemValue('enable_avatars', true) === true,
|
||||
'lost_password_link'=> $this->config->getSystemValue('lost_password_link', null),
|
||||
'modRewriteWorking' => (getenv('front_controller_active') === 'true'),
|
||||
]),
|
||||
"oc_appconfig" => json_encode([
|
||||
'core' => [
|
||||
'defaultExpireDateEnabled' => $defaultExpireDateEnabled,
|
||||
'defaultExpireDate' => $defaultExpireDate,
|
||||
'defaultExpireDateEnforced' => $enforceDefaultExpireDate,
|
||||
'enforcePasswordForPublicLink' => \OCP\Util::isPublicLinkPasswordRequired(),
|
||||
'sharingDisabledForUser' => \OCP\Util::isSharingDisabledForUser(),
|
||||
'resharingAllowed' => \OCP\Share::isResharingAllowed(),
|
||||
'remoteShareAllowed' => $outgoingServer2serverShareEnabled,
|
||||
'federatedCloudShareDoc' => $this->urlGenerator->linkToDocs('user-sharing-federated'),
|
||||
'allowGroupSharing' => \OC::$server->getShareManager()->allowGroupSharing()
|
||||
]
|
||||
]),
|
||||
"oc_defaults" => json_encode([
|
||||
'entity' => $this->defaults->getEntity(),
|
||||
'name' => $this->defaults->getName(),
|
||||
'title' => $this->defaults->getTitle(),
|
||||
'baseUrl' => $this->defaults->getBaseUrl(),
|
||||
'syncClientUrl' => $this->defaults->getSyncClientUrl(),
|
||||
'docBaseUrl' => $this->defaults->getDocBaseUrl(),
|
||||
'docPlaceholderUrl' => $this->defaults->buildDocLinkToKey('PLACEHOLDER'),
|
||||
'slogan' => $this->defaults->getSlogan(),
|
||||
'logoClaim' => $this->defaults->getLogoClaim(),
|
||||
'shortFooter' => $this->defaults->getShortFooter(),
|
||||
'longFooter' => $this->defaults->getLongFooter(),
|
||||
'folder' => \OC_Util::getTheme(),
|
||||
]),
|
||||
];
|
||||
|
||||
if ($this->currentUser !== null) {
|
||||
$array['oc_userconfig'] = json_encode([
|
||||
'avatar' => [
|
||||
'version' => (int)$this->config->getUserValue($uid, 'avatar', 'version', 0),
|
||||
]
|
||||
]);
|
||||
}
|
||||
|
||||
// Allow hooks to modify the output values
|
||||
\OC_Hook::emit('\OCP\Config', 'js', array('array' => &$array));
|
||||
|
||||
$result = '';
|
||||
|
||||
// Echo it
|
||||
foreach ($array as $setting => $value) {
|
||||
$result .= 'var '. $setting . '='. $value . ';' . PHP_EOL;
|
||||
}
|
||||
|
||||
return $result;
|
||||
}
|
||||
}
|
||||
|
|
@ -43,6 +43,7 @@ use Assetic\Filter\CssMinFilter;
|
|||
use Assetic\Filter\CssRewriteFilter;
|
||||
use Assetic\Filter\JSqueezeFilter;
|
||||
use Assetic\Filter\SeparatorFilter;
|
||||
use OC\Template\JSConfigHelper;
|
||||
|
||||
class TemplateLayout extends \OC_Template {
|
||||
|
||||
|
|
@ -142,7 +143,22 @@ class TemplateLayout extends \OC_Template {
|
|||
$jsFiles = self::findJavascriptFiles(\OC_Util::$scripts);
|
||||
$this->assign('jsfiles', array());
|
||||
if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
|
||||
$this->append( 'jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
|
||||
if (\OC::$server->getContentSecurityPolicyNonceManager()->browserSupportsCspV3()) {
|
||||
$jsConfigHelper = new JSConfigHelper(
|
||||
\OC::$server->getL10N('core'),
|
||||
\OC::$server->getThemingDefaults(),
|
||||
\OC::$server->getAppManager(),
|
||||
\OC::$server->getUserSession()->getUser(),
|
||||
\OC::$server->getConfig(),
|
||||
\OC::$server->getGroupManager(),
|
||||
\OC::$server->getIniWrapper(),
|
||||
\OC::$server->getURLGenerator()
|
||||
);
|
||||
$this->assign('inline_ocjs', $jsConfigHelper->getConfig());
|
||||
$this->assign('foo', 'bar');
|
||||
} else {
|
||||
$this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('core.OCJS.getConfig', ['v' => self::$versionHash]));
|
||||
}
|
||||
}
|
||||
foreach($jsFiles as $info) {
|
||||
$web = $info[1];
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ use OC\AppFramework\Middleware\Security\SecurityMiddleware;
|
|||
use OC\AppFramework\Utility\ControllerMethodReflector;
|
||||
use OC\Security\CSP\ContentSecurityPolicy;
|
||||
use OC\Security\CSP\ContentSecurityPolicyManager;
|
||||
use OC\Security\CSP\ContentSecurityPolicyNonceManager;
|
||||
use OC\Security\CSRF\CsrfToken;
|
||||
use OC\Security\CSRF\CsrfTokenManager;
|
||||
use OCP\AppFramework\Controller;
|
||||
|
|
@ -76,6 +77,8 @@ class SecurityMiddlewareTest extends \Test\TestCase {
|
|||
private $contentSecurityPolicyManager;
|
||||
/** @var CsrfTokenManager|\PHPUnit_Framework_MockObject_MockObject */
|
||||
private $csrfTokenManager;
|
||||
/** @var ContentSecurityPolicyNonceManager|\PHPUnit_Framework_MockObject_MockObject */
|
||||
private $cspNonceManager;
|
||||
|
||||
protected function setUp() {
|
||||
parent::setUp();
|
||||
|
|
@ -88,6 +91,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
|
|||
$this->request = $this->createMock(IRequest::class);
|
||||
$this->contentSecurityPolicyManager = $this->createMock(ContentSecurityPolicyManager::class);
|
||||
$this->csrfTokenManager = $this->createMock(CsrfTokenManager::class);
|
||||
$this->cspNonceManager = $this->createMock(ContentSecurityPolicyNonceManager::class);
|
||||
$this->middleware = $this->getMiddleware(true, true);
|
||||
$this->secException = new SecurityException('hey', false);
|
||||
$this->secAjaxException = new SecurityException('hey', true);
|
||||
|
|
@ -109,7 +113,8 @@ class SecurityMiddlewareTest extends \Test\TestCase {
|
|||
$isLoggedIn,
|
||||
$isAdminUser,
|
||||
$this->contentSecurityPolicyManager,
|
||||
$this->csrfTokenManager
|
||||
$this->csrfTokenManager,
|
||||
$this->cspNonceManager
|
||||
);
|
||||
}
|
||||
|
||||
|
|
@ -559,9 +564,9 @@ class SecurityMiddlewareTest extends \Test\TestCase {
|
|||
}
|
||||
|
||||
public function testAfterController() {
|
||||
$this->request
|
||||
$this->cspNonceManager
|
||||
->expects($this->once())
|
||||
->method('isUserAgent')
|
||||
->method('browserSupportsCspV3')
|
||||
->willReturn(false);
|
||||
$response = $this->createMock(Response::class);
|
||||
$defaultPolicy = new ContentSecurityPolicy();
|
||||
|
|
@ -603,9 +608,9 @@ class SecurityMiddlewareTest extends \Test\TestCase {
|
|||
}
|
||||
|
||||
public function testAfterControllerWithContentSecurityPolicy3Support() {
|
||||
$this->request
|
||||
$this->cspNonceManager
|
||||
->expects($this->once())
|
||||
->method('isUserAgent')
|
||||
->method('browserSupportsCspV3')
|
||||
->willReturn(true);
|
||||
$token = $this->createMock(CsrfToken::class);
|
||||
$token
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ namespace Test\Security\CSP;
|
|||
use OC\Security\CSP\ContentSecurityPolicyNonceManager;
|
||||
use OC\Security\CSRF\CsrfToken;
|
||||
use OC\Security\CSRF\CsrfTokenManager;
|
||||
use OCP\IRequest;
|
||||
use Test\TestCase;
|
||||
|
||||
class ContentSecurityPolicyNonceManagerTest extends TestCase {
|
||||
|
|
@ -35,7 +36,8 @@ class ContentSecurityPolicyNonceManagerTest extends TestCase {
|
|||
public function setUp() {
|
||||
$this->csrfTokenManager = $this->createMock(CsrfTokenManager::class);
|
||||
$this->nonceManager = new ContentSecurityPolicyNonceManager(
|
||||
$this->csrfTokenManager
|
||||
$this->csrfTokenManager,
|
||||
$this->createMock(IRequest::class)
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue