Merge pull request #20905 from owncloud/allow-framing-itself
Allow framing 'self'
This commit is contained in:
commit
e1bf50edd2
|
@ -23,6 +23,7 @@ namespace OCA\Files\Controller;
|
|||
|
||||
use OC\AppFramework\Http\Request;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\ContentSecurityPolicy;
|
||||
use OCP\AppFramework\Http\RedirectResponse;
|
||||
use OCP\AppFramework\Http\TemplateResponse;
|
||||
use OCP\IL10N;
|
||||
|
@ -215,10 +216,15 @@ class ViewController extends Controller {
|
|||
$params['appContents'] = $contentItems;
|
||||
$this->navigationManager->setActiveEntry('files_index');
|
||||
|
||||
return new TemplateResponse(
|
||||
$response = new TemplateResponse(
|
||||
$this->appName,
|
||||
'index',
|
||||
$params
|
||||
);
|
||||
$policy = new ContentSecurityPolicy();
|
||||
$policy->addAllowedFrameDomain('\'self\'');
|
||||
$response->setContentSecurityPolicy($policy);
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -245,6 +245,9 @@ class ViewControllerTest extends TestCase {
|
|||
],
|
||||
]
|
||||
);
|
||||
$policy = new Http\ContentSecurityPolicy();
|
||||
$policy->addAllowedFrameDomain('\'self\'');
|
||||
$expected->setContentSecurityPolicy($policy);
|
||||
$this->assertEquals($expected, $this->viewController->index('MyDir', 'MyView'));
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue