Merge pull request #32113 from nextcloud/bugfix/noid/fix-csp-merging-bools

Add CSP policy merge priority for booleans
author: Vincent Petry <vincent@nextcloud.com> 2022-05-05 17:26:48 +0200
committer: GitHub <noreply@github.com> 2022-05-05 17:26:48 +0200
commit: 7718c9776c5903474b8f3cf958cdd18a53b2449e (patch)
tree: a5b2a2535f7a2aea6fbce361df6a52b3e229ad85 /lib/public/AppFramework
parent: 0690646d09430ce363b07bc2cd59283e303314eb (diff)
parent: 18c013d8fc0d95249136799c5c0e67994766d953 (diff)
download: nextcloud-server-7718c9776c5903474b8f3cf958cdd18a53b2449e.tar.gz
nextcloud-server-7718c9776c5903474b8f3cf958cdd18a53b2449e.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
index 3a91e3dc2a7..0e3a6a705d5 100644
--- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
@@ -45,7 +45,7 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
 	/** @var bool Whether eval in JS scripts is allowed */
 	protected $evalScriptAllowed = false;
 	/** @var bool Whether strict-dynamic should be set */
-	protected $strictDynamicAllowed = null;
+	protected $strictDynamicAllowed = false;
 	/** @var array Domains from which scripts can get loaded */
 	protected $allowedScriptDomains = [
 		'\'self\'',
author	Vincent Petry <vincent@nextcloud.com>	2022-05-05 17:26:48 +0200
committer	GitHub <noreply@github.com>	2022-05-05 17:26:48 +0200
commit	7718c9776c5903474b8f3cf958cdd18a53b2449e (patch)
tree	a5b2a2535f7a2aea6fbce361df6a52b3e229ad85 /lib/public/AppFramework
parent	0690646d09430ce363b07bc2cd59283e303314eb (diff)
parent	18c013d8fc0d95249136799c5c0e67994766d953 (diff)
download	nextcloud-server-7718c9776c5903474b8f3cf958cdd18a53b2449e.tar.gz nextcloud-server-7718c9776c5903474b8f3cf958cdd18a53b2449e.zip