fix: adjust webpack nonce generation

some leftovers where the request token is used instead of the CSP nonce. in general this makes not much difference - but there are some cases where those values differ. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
author: Ferdinand Thiessen <opensource@fthiessen.de> 2025-03-17 12:27:03 +0100
committer: Ferdinand Thiessen <opensource@fthiessen.de> 2025-04-07 14:44:53 +0200
commit: 47734c26f329aff41431f42e7674c2d4404b5a5a (patch)
tree: 9d0f617664fdfd299f3c5cbd0eb1da27b5740d75
parent: 1e8870e3f8ff6ccf7c75d3de23ee270b7ea4f1f7 (diff)
download: nextcloud-server-47734c26f329aff41431f42e7674c2d4404b5a5a.tar.gz
nextcloud-server-47734c26f329aff41431f42e7674c2d4404b5a5a.zip
6 files changed, 14 insertions, 12 deletions
diff --git a/apps/files_sharing/src/additionalScripts.js b/apps/files_sharing/src/additionalScripts.js
index 18812eec537..e8807a7325e 100644
--- a/apps/files_sharing/src/additionalScripts.js
+++ b/apps/files_sharing/src/additionalScripts.js
@@ -2,6 +2,7 @@
  * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
+import { getCSPNonce } from '@nextcloud/auth'
 
 import './share.js'
 import './sharebreadcrumbview.js'
@@ -9,6 +10,6 @@ import './style/sharebreadcrumb.scss'
 import './collaborationresourceshandler.js'
 
 // eslint-disable-next-line camelcase
-__webpack_nonce__ = btoa(OC.requestToken)
+__webpack_nonce__ = getCSPNonce()
 
 window.OCA.Sharing = OCA.Sharing
diff --git a/apps/files_sharing/src/collaborationresourceshandler.js b/apps/files_sharing/src/collaborationresourceshandler.js
index adb9cb02fbc..6f3645385b7 100644
--- a/apps/files_sharing/src/collaborationresourceshandler.js
+++ b/apps/files_sharing/src/collaborationresourceshandler.js
@@ -2,9 +2,10 @@
  * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
+import { getCSPNonce } from '@nextcloud/auth'
 
 // eslint-disable-next-line camelcase
-__webpack_nonce__ = btoa(OC.requestToken)
+__webpack_nonce__ = getCSPNonce()
 
 window.OCP.Collaboration.registerType('file', {
 	action: () => {
diff --git a/apps/settings/src/main-admin-ai.js b/apps/settings/src/main-admin-ai.js
index d1813d03b50..79bc785a4f6 100644
--- a/apps/settings/src/main-admin-ai.js
+++ b/apps/settings/src/main-admin-ai.js
@@ -2,13 +2,13 @@
  * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
-
+import { getCSPNonce } from '@nextcloud/auth'
 import Vue from 'vue'
 
 import ArtificialIntelligence from './components/AdminAI.vue'
 
 // eslint-disable-next-line camelcase
-__webpack_nonce__ = btoa(OC.requestToken)
+__webpack_nonce__ = getCSPNonce()
 
 Vue.prototype.t = t
 
diff --git a/apps/settings/src/main-admin-security.js b/apps/settings/src/main-admin-security.js
index 5248ff3b5fe..26961dcc13e 100644
--- a/apps/settings/src/main-admin-security.js
+++ b/apps/settings/src/main-admin-security.js
@@ -2,7 +2,7 @@
  * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
-
+import { getCSPNonce } from '@nextcloud/auth'
 import { loadState } from '@nextcloud/initial-state'
 import Vue from 'vue'
 
@@ -11,7 +11,7 @@ import EncryptionSettings from './components/Encryption/EncryptionSettings.vue'
 import store from './store/admin-security.js'
 
 // eslint-disable-next-line camelcase
-__webpack_nonce__ = btoa(OC.requestToken)
+__webpack_nonce__ = getCSPNonce()
 
 Vue.prototype.t = t
 
diff --git a/apps/settings/src/main-personal-password.js b/apps/settings/src/main-personal-password.js
index 3c0fd18eea5..b74f5f71aa2 100644
--- a/apps/settings/src/main-personal-password.js
+++ b/apps/settings/src/main-personal-password.js
@@ -2,14 +2,14 @@
  * SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
+import { getCSPNonce } from '@nextcloud/auth'
+import { t, n } from '@nextcloud/l10n'
 
 import Vue from 'vue'
-
 import PasswordSection from './components/PasswordSection.vue'
-import { translate as t, translatePlural as n } from '@nextcloud/l10n'
 
 // eslint-disable-next-line camelcase
-__webpack_nonce__ = btoa(OC.requestToken)
+__webpack_nonce__ = getCSPNonce()
 
 Vue.prototype.t = t
 Vue.prototype.n = n
diff --git a/apps/settings/src/main-personal-webauth.js b/apps/settings/src/main-personal-webauth.js
index 4f5397f257c..f451fa8c73b 100644
--- a/apps/settings/src/main-personal-webauth.js
+++ b/apps/settings/src/main-personal-webauth.js
@@ -2,14 +2,14 @@
  * SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
-
-import Vue from 'vue'
+import { getCSPNonce } from '@nextcloud/auth'
 import { loadState } from '@nextcloud/initial-state'
+import Vue from 'vue'
 
 import WebAuthnSection from './components/WebAuthn/Section.vue'
 
 // eslint-disable-next-line camelcase
-__webpack_nonce__ = btoa(OC.requestToken)
+__webpack_nonce__ = getCSPNonce()
 
 Vue.prototype.t = t
author	Ferdinand Thiessen <opensource@fthiessen.de>	2025-03-17 12:27:03 +0100
committer	Ferdinand Thiessen <opensource@fthiessen.de>	2025-04-07 14:44:53 +0200
commit	47734c26f329aff41431f42e7674c2d4404b5a5a (patch)
tree	9d0f617664fdfd299f3c5cbd0eb1da27b5740d75
parent	1e8870e3f8ff6ccf7c75d3de23ee270b7ea4f1f7 (diff)
download	nextcloud-server-47734c26f329aff41431f42e7674c2d4404b5a5a.tar.gz nextcloud-server-47734c26f329aff41431f42e7674c2d4404b5a5a.zip