diff options
| author | Ferdinand Thiessen <opensource@fthiessen.de> | 2024-08-30 23:58:56 +0200 |
|---|---|---|
| committer | Ferdinand Thiessen <opensource@fthiessen.de> | 2024-08-31 00:34:41 +0200 |
| commit | 92f3f7e2d28246c334bf6af751adc90d7d607349 (patch) | |
| tree | e713025f889c905a9a850a264bdc071e17b01a12 /lib/private | |
| parent | 558fbcda7255602fa44e3096a12ea9d9d7e113f1 (diff) | |
| download | nextcloud-server-92f3f7e2d28246c334bf6af751adc90d7d607349.tar.gz nextcloud-server-92f3f7e2d28246c334bf6af751adc90d7d607349.zip | |
chore: Remove unused `CsrfTokenManager` from `CSPMiddleware`
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Diffstat (limited to 'lib/private')
| -rw-r--r-- | lib/private/AppFramework/DependencyInjection/DIContainer.php | 1 | ||||
| -rw-r--r-- | lib/private/AppFramework/Middleware/Security/CSPMiddleware.php | 23 |
2 files changed, 7 insertions, 17 deletions
diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index b11dec93426..a96e050c0e6 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -242,7 +242,6 @@ class DIContainer extends SimpleContainer implements IAppContainer { new OC\AppFramework\Middleware\Security\CSPMiddleware( $server->query(OC\Security\CSP\ContentSecurityPolicyManager::class), $server->query(OC\Security\CSP\ContentSecurityPolicyNonceManager::class), - $server->query(OC\Security\CSRF\CsrfTokenManager::class) ) ); $dispatcher->registerMiddleware( diff --git a/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php b/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php index 32e9b04cd1e..e88c9563c00 100644 --- a/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php @@ -10,7 +10,6 @@ namespace OC\AppFramework\Middleware\Security; use OC\Security\CSP\ContentSecurityPolicyManager; use OC\Security\CSP\ContentSecurityPolicyNonceManager; -use OC\Security\CSRF\CsrfTokenManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\AppFramework\Http\EmptyContentSecurityPolicy; @@ -18,19 +17,11 @@ use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; class CSPMiddleware extends Middleware { - /** @var ContentSecurityPolicyManager */ - private $contentSecurityPolicyManager; - /** @var ContentSecurityPolicyNonceManager */ - private $cspNonceManager; - /** @var CsrfTokenManager */ - private $csrfTokenManager; - - public function __construct(ContentSecurityPolicyManager $policyManager, - ContentSecurityPolicyNonceManager $cspNonceManager, - CsrfTokenManager $csrfTokenManager) { - $this->contentSecurityPolicyManager = $policyManager; - $this->cspNonceManager = $cspNonceManager; - $this->csrfTokenManager = $csrfTokenManager; + + public function __construct( + private ContentSecurityPolicyManager $policyManager, + private ContentSecurityPolicyNonceManager $cspNonceManager, + ) { } /** @@ -49,8 +40,8 @@ class CSPMiddleware extends Middleware { return $response; } - $defaultPolicy = $this->contentSecurityPolicyManager->getDefaultPolicy(); - $defaultPolicy = $this->contentSecurityPolicyManager->mergePolicies($defaultPolicy, $policy); + $defaultPolicy = $this->policyManager->getDefaultPolicy(); + $defaultPolicy = $this->policyManager->mergePolicies($defaultPolicy, $policy); if ($this->cspNonceManager->browserSupportsCspV3()) { $defaultPolicy->useJsNonce($this->cspNonceManager->getNonce()); |