nextcloud

Author	SHA1	Message	Date
Roeland Jago Douma	cf647451e5	Update CSP test cases to handle the new form-action Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-07-31 15:16:10 +02:00
Roeland Jago Douma	ad676c0102	Set default frame-ancestors to 'self' For #13042 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-08 15:36:40 +01:00
Roeland Jago Douma	64244e1a4f	CSP: Allow fonts to be provided in data Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-07 15:07:06 +01:00
Roeland Jago Douma	5b61ef9213	Disallow unsafe-eval by default Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-14 20:45:34 +02:00
Thomas Citharel	ecf347bd1a	Add CSP frame-ancestors support Didn't set the @since annotation yet. Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2017-09-15 15:23:10 +02:00
Morris Jobke	f9bc53146d	Fix unit tests Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-03-28 21:00:12 -06:00
Lukas Reschke	adfd1e63f6	Add base-uri to CSP policy As per https://twitter.com/we1x/status/842032709543333890 a nice security hardening Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-03-16 15:16:20 +01:00
Joas Schilling	94ad54ec9b	Move tests/ to PSR-4 (#24731 ) * Move a-b to PSR-4 * Move c-d to PSR-4 * Move e+g to PSR-4 * Move h-l to PSR-4 * Move m-r to PSR-4 * Move s-u to PSR-4 * Move files/ to PSR-4 * Move remaining tests to PSR-4 * Remove Test\ from old autoloader	2016-05-20 15:38:20 +02:00