diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2020-08-10 14:24:24 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2020-08-10 14:24:24 +0200 |
| commit | 782a2df39290fed1b2f1aa921727c41815dcbe1e (patch) | |
| tree | d9bf6e4a6db0d221f10a94946c6d7a5b1be02fc0 /lib/public/Security/CSP | |
| parent | 9c1ee2e0ba84e7ad1f707bdf6080ec3df1680040 (diff) | |
| download | nextcloud-server-782a2df39290fed1b2f1aa921727c41815dcbe1e.tar.gz nextcloud-server-782a2df39290fed1b2f1aa921727c41815dcbe1e.zip | |
Add PHP doc for events
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'lib/public/Security/CSP')
| -rw-r--r-- | lib/public/Security/CSP/AddContentSecurityPolicyEvent.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php b/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php index bcb25867075..2806cf72871 100644 --- a/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php +++ b/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php @@ -32,6 +32,16 @@ use OCP\AppFramework\Http\EmptyContentSecurityPolicy; use OCP\EventDispatcher\Event; /** + * Allows to inject something into the default content policy. This is for + * example useful when you're injecting Javascript code into a view belonging + * to another controller and cannot modify its Content-Security-Policy itself. + * Note that the adjustment is only applied to applications that use AppFramework + * controllers. + * + * WARNING: Using this API incorrectly may make the instance more insecure. + * Do think twice before adding whitelisting resources. Please do also note + * that it is not possible to use the `disallowXYZ` functions. + * * @since 17.0.0 */ class AddContentSecurityPolicyEvent extends Event { |