cloudcollaborationdecentralizeddesigndistributedenterprisefederatedfederationfile-sharingfree-softwarehacktoberfestjavascriptnextcloudopen-sourceopensourceowncloudself-hostingsharingusabilityux
Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself. Note that the adjustment is only applied to applications that use AppFramework controllers. To use this from your `app.php` use `\OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy)`, $policy has to be of type `\OCP\AppFramework\Http\ContentSecurityPolicy`. To test this add something like the following into an `app.php` of any enabled app: ``` $manager = \OC::$server->getContentSecurityPolicyManager(); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(false); $policy->addAllowedFrameDomain('asdf'); $policy->addAllowedScriptDomain('yolo.com'); $policy->allowInlineScript(false); $manager->addDefaultPolicy($policy); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(false); $policy->addAllowedFontDomain('yolo.com'); $manager->addDefaultPolicy($policy); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(false); $policy->addAllowedFrameDomain('banana.com'); $manager->addDefaultPolicy($policy); ``` If you now open the files app the policy should be: ``` Content-Security-Policy:default-src 'none';script-src yolo.com 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src yolo.com 'self';connect-src 'self';media-src 'self';frame-src asdf banana.com 'self' ``` |
||
---|---|---|
.idea | ||
3rdparty@177daad35d | ||
apps | ||
build | ||
config | ||
core | ||
l10n | ||
lib | ||
ocs | ||
ocs-provider | ||
resources | ||
settings | ||
tests | ||
themes | ||
.bowerrc | ||
.gitignore | ||
.gitmodules | ||
.htaccess | ||
.jshintrc | ||
.mailmap | ||
.mention-bot | ||
.scrutinizer.yml | ||
.tag | ||
.travis.yml | ||
.user.ini | ||
AUTHORS | ||
CONTRIBUTING.md | ||
COPYING-AGPL | ||
COPYING-README | ||
README.md | ||
autotest-external.sh | ||
autotest-hhvm.sh | ||
autotest-js.sh | ||
autotest.cmd | ||
autotest.sh | ||
bower.json | ||
buildjsdocs.sh | ||
console.php | ||
cron.php | ||
db_structure.xml | ||
index.html | ||
index.php | ||
issue_template.md | ||
occ | ||
public.php | ||
remote.php | ||
robots.txt | ||
status.php | ||
version.php |
README.md
ownCloud Core
ownCloud gives you freedom and control over your own data. A personal cloud which runs on your own server.
Why is this so awesome?
- 📁 Access your Data You can store your files, contacts, calendars and more on a server of your choosing.
- 📦 Sync your Data You keep your files, contacts, calendars and more synchronized amongst your devices.
- 🔄 Share your Data You share your data with others, and give them access to your latest photo galleries, your calendar or anything else you want them to see.
- 🚀 Expandable with dozens of Apps ...like Calendar, Contacts, Mail or News.
- ☁️ All Benefits of the Cloud ...on your own Server.
- 🔒 Encryption You can encrypt data in transit with secure https connections. You can enable the encryption app to encrypt data on storage for improved security and privacy.
- ...
Installation instructions
https://doc.owncloud.org/server/9.0/developer_manual/app/index.html
Contribution Guidelines
https://owncloud.org/contribute/
Support
Learn about the diffrent ways you can get support for ownCloud: https://owncloud.org/support/
Get in touch
- 📋 Forum
- ✉️ Mailing list
- #️⃣ IRC channel
- 👥 [Facebook] (https://facebook.com/ownclouders)
Important notice on translations
Please submit translations via Transifex: https://www.transifex.com/projects/p/owncloud/
For more detailed information about translations: http://doc.owncloud.org/server/9.0/developer_manual/core/translation.html