mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #10204 from nextcloud/fix/noid/strict_csp_eval 

Disallow eval on the StrictEvalCSP
This commit is contained in:
Morris Jobke 2018-07-11 22:12:46 +02:00 committed by GitHub
parent 3036b1d03d c21cee248c
commit b242044127
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php
View File

@ -46,6 +46,6 @@ class StrictEvalContentSecurityPolicy extends ContentSecurityPolicy {
* @since 14.0.0
*/
public function __construct() {
$this->inlineStyleAllowed = false;
$this->evalScriptAllowed = false;
}
}