Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
@@ -196,7 +196,11 @@ class ClientFlowLoginController extends Controller { | |||
$this->session->set(self::stateName, $stateToken); | |||
$csp = new Http\ContentSecurityPolicy(); | |||
$csp->addAllowedFormActionDomain('nc://*'); | |||
if ($client) { | |||
$csp->addAllowedFormActionDomain($client->getRedirectUri()); | |||
} else { | |||
$csp->addAllowedFormActionDomain('nc://*'); | |||
} | |||
$response = new StandaloneTemplateResponse( | |||
$this->appName, | |||
@@ -241,7 +245,11 @@ class ClientFlowLoginController extends Controller { | |||
} | |||
$csp = new Http\ContentSecurityPolicy(); | |||
$csp->addAllowedFormActionDomain('nc://*'); | |||
if ($client) { | |||
$csp->addAllowedFormActionDomain($client->getRedirectUri()); | |||
} else { | |||
$csp->addAllowedFormActionDomain('nc://*'); | |||
} | |||
$response = new StandaloneTemplateResponse( | |||
$this->appName, |
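Review bot: `$client->getRedirectUri()` is passed to `addAllowedFormActionDomain()` unmodified at both call sites (the hunk at -196 and the one at -241), so the stored redirect URI becomes text inside the `form-action` directive as-is. A CSP source expression cannot carry a query string or fragment, and a value containing `;` or whitespace would change the policy itself unless the policy builder escapes it, which these hunks do not show. I would reduce the URI to scheme, host and port before adding it and move the duplicated if/else into one private helper, as sketched below; the test expectation would then become `https://example.com`. `$client` is assigned outside both hunks, so what it can hold besides a client entity or an empty value is not visible here.

```php
// … unchanged: $csp = new Http\ContentSecurityPolicy(); …
$csp->addAllowedFormActionDomain($this->formActionSource($client));
// … unchanged: StandaloneTemplateResponse construction …

/**
 * Source expression for form-action: the OAuth client's redirect origin,
 * or the nc:// scheme when no client is involved.
 */
private function formActionSource($client): string {
	if (!$client) {
		return 'nc://*';
	}
	$parts = parse_url($client->getRedirectUri());
	if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
		// Unparseable redirect URI: never place the raw text into the policy.
		return 'nc://*';
	}
	$port = isset($parts['port']) ? ':' . $parts['port'] : '';
	return $parts['scheme'] . '://' . $parts['host'] . $port;
}
```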
@@ -200,6 +200,7 @@ class ClientFlowLoginControllerTest extends TestCase { | |||
->willReturn('Mac OS X Sync Client'); | |||
$client = new Client(); | |||
$client->setName('My external service'); | |||
$client->setRedirectUri('https://example.com/redirect.php'); | |||
$this->clientMapper | |||
->expects($this->once()) | |||
->method('getByIdentifier') | |||
@@ -249,7 +250,7 @@ class ClientFlowLoginControllerTest extends TestCase { | |||
'guest' | |||
); | |||
$csp = new Http\ContentSecurityPolicy(); | |||
$csp->addAllowedFormActionDomain('nc://*'); | |||
$csp->addAllowedFormActionDomain('https://example.com/redirect.php'); | |||
$expected->setContentSecurityPolicy($csp); | |||
$this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage('MyClientIdentifier')); | |||
} |
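Review bot: Only `showAuthPickerPage` gets an updated expectation here, while the controller change touches a second call site (the hunk at -241) for which no test change is visible in this commit. A sibling case asserting the same `form-action` source on that page, plus one using a redirect URI with a custom scheme or a query string, would pin how the policy is built for clients whose redirect target is not a plain https URL. The test method starts above the hunk, so existing coverage may already include part of this.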