nextcloud

Commit Graph

Author	SHA1	Message	Date
Sam Bull	ea935f65fd	Add support for CSP_NONCE server variable Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server. Signed-off-by: Sam Bull <git@sambull.org> Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-07-18 12:16:29 +02:00
Roeland Jago Douma	0fdc65a15c	Add nonce for Safari 12+ As far as I can tell this should work now. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-21 20:48:12 +02:00
Roeland Jago Douma	4ed9b74a6b	Make OC\Security\CSP strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-05 15:27:05 +01:00
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-11-06 16:56:19 +01:00
Lukas Reschke	7d221ff8f4	Safari CSPv3 support is sub-par With 10.0.1 CSPv3 is broken in Safari if it doesn't run from a local IP. Awesome. => Let's remove this for Safari and keep chrome and Firefox in the whitelist. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2016-12-14 13:17:20 +01:00
Joas Schilling	c20ab0049f	Identify Chromium as Chrome Signed-off-by: Joas Schilling <coding@schilljs.com>	2016-10-26 12:07:10 +02:00
Lukas Reschke	015affb082	Missing returns + autoloader file Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2016-10-25 22:13:09 +02:00
Roeland Jago Douma	e351ba56f1	Move browserSupportsCspV3 to CSPNonceManager Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2016-10-25 22:03:10 +02:00
Lukas Reschke	38b3ac8213	Add ContentSecurityPolicyNonceManager Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2016-10-24 16:35:31 +02:00

9 Commits