Don't require Same Site Cookies on assets

Which can be used for public iframe embeeding See https://github.com/nextcloud/calendar/issues/169 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2018-10-17 09:24:21 +02:00 · 2018-10-17 09:24:21 +02:00 · d63de5471b
parent b88ab75c3a
commit d63de5471b
4 changed files with 6 additions and 0 deletions
--- a/apps/theming/lib/Controller/ThemingController.php
+++ b/apps/theming/lib/Controller/ThemingController.php
@ -397,6 +397,7 @@ class ThemingController extends Controller {
 	/**
 	 * @NoCSRFRequired
 	 * @PublicPage
+	 * @NoSameSiteCookieRequired
 	 *
 	 * @return FileDisplayResponse|NotFoundResponse
 	 * @throws NotPermittedException
@ -428,6 +429,7 @@ class ThemingController extends Controller {
 	/**
 	 * @NoCSRFRequired
 	 * @PublicPage
+	 * @NoSameSiteCookieRequired
 	 *
 	 * @return DataDownloadResponse
 	 */
--- a/core/Controller/CssController.php
+++ b/core/Controller/CssController.php
@ -62,6 +62,7 @@ class CssController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
+	 * @NoSameSiteCookieRequired
 	 *
 	 * @param string $fileName css filename with extension
 	 * @param string $appName css folder name
--- a/core/Controller/JsController.php
+++ b/core/Controller/JsController.php
@ -56,6 +56,7 @@ class JsController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
+	 * @NoSameSiteCookieRequired
 	 *
 	 * @param string $fileName js filename with extension
 	 * @param string $appName js folder name
--- a/core/Controller/SvgController.php
+++ b/core/Controller/SvgController.php
@ -57,6 +57,7 @@ class SvgController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
+	 * @NoSameSiteCookieRequired
 	 *
 	 * Generate svg from filename with the requested color
 	 *
@ -73,6 +74,7 @@ class SvgController extends Controller {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
+	 * @NoSameSiteCookieRequired
 	 *
 	 * Generate svg from filename with the requested color
 	 *