Move browserSupportsCspV3 to CSPNonceManager

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

1 files changed, 28 insertions, 1 deletions

diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 0482ea49e5c..fe1c2e4404b 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -22,6 +22,7 @@
 namespace OC\Security\CSP;
 
 use OC\Security\CSRF\CsrfTokenManager;
+use OCP\IRequest;
 
 /**
  * @package OC\Security\CSP
@@ -29,14 +30,19 @@ use OC\Security\CSRF\CsrfTokenManager;
 class ContentSecurityPolicyNonceManager {
 	/** @var CsrfTokenManager */
 	private $csrfTokenManager;
+	/** @var IRequest */
+	private $request;
 	/** @var string */
 	private $nonce = '';
 
 	/**
 	 * @param CsrfTokenManager $csrfTokenManager
+	 * @param IRequest $request
 	 */
-	public function __construct(CsrfTokenManager $csrfTokenManager) {
+	public function __construct(CsrfTokenManager $csrfTokenManager,
+								IRequest $request) {
 		$this->csrfTokenManager = $csrfTokenManager;
+		$this->request = $request;
 	}
 
 	/**
@@ -51,4 +57,25 @@ class ContentSecurityPolicyNonceManager {
 
 		return $this->nonce;
 	}
+
+	/**
+	 * Check if the browser supports CSP v3
+	 * @return bool
+	 */
+	public function browserSupportsCspV3() {
+		$browserWhitelist = [
+			// Chrome 40+
+			'/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[4-9][0-9].[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/',
+			// Firefox 45+
+			'/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/',
+			// Safari 10+
+			'/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/1[0-9.]+ Safari\/[0-9.A-Z]+$/',
+		];
+
+		if($this->request->isUserAgent($browserWhitelist)) {
+			return true;
+		}
+
+		return false;
+	}
 }