aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2016-10-26 00:20:27 +0200
committerGitHub <noreply@github.com>2016-10-26 00:20:27 +0200
commit9a70c137d2afa3dc1a6f6361c3fa36d5a9ca4f71 (patch)
treebdfcaaca14022c13bcc2088b791ce2a16dd562db /lib
parent1b6ba5ad322cb3d6e2139393798d243f1d4cc68a (diff)
parent015affb082a7c9bbfeef552b3c74e5ae77e01ab3 (diff)
downloadnextcloud-server-9a70c137d2afa3dc1a6f6361c3fa36d5a9ca4f71.tar.gz
nextcloud-server-9a70c137d2afa3dc1a6f6361c3fa36d5a9ca4f71.zip
Merge pull request #1917 from nextcloud/ocjs_inline
Inline oc.js when possible!
Diffstat (limited to 'lib')
-rw-r--r--lib/composer/composer/autoload_classmap.php2
-rw-r--r--lib/composer/composer/autoload_static.php2
-rw-r--r--lib/private/AppFramework/DependencyInjection/DIContainer.php3
-rw-r--r--lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php27
-rw-r--r--lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php30
-rw-r--r--lib/private/Server.php3
-rw-r--r--lib/private/Template/JSConfigHelper.php243
-rw-r--r--lib/private/TemplateLayout.php18
8 files changed, 305 insertions, 23 deletions
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
index 0d2a782a867..1332a570a27 100644
--- a/lib/composer/composer/autoload_classmap.php
+++ b/lib/composer/composer/autoload_classmap.php
@@ -402,6 +402,7 @@ return array(
'OC\\Core\\Controller\\AvatarController' => $baseDir . '/core/Controller/AvatarController.php',
'OC\\Core\\Controller\\LoginController' => $baseDir . '/core/Controller/LoginController.php',
'OC\\Core\\Controller\\LostController' => $baseDir . '/core/Controller/LostController.php',
+ 'OC\\Core\\Controller\\OCJSController' => $baseDir . '/core/Controller/OCJSController.php',
'OC\\Core\\Controller\\OCSController' => $baseDir . '/core/Controller/OCSController.php',
'OC\\Core\\Controller\\SetupController' => $baseDir . '/core/Controller/SetupController.php',
'OC\\Core\\Controller\\TwoFactorChallengeController' => $baseDir . '/core/Controller/TwoFactorChallengeController.php',
@@ -752,6 +753,7 @@ return array(
'OC\\TemplateLayout' => $baseDir . '/lib/private/TemplateLayout.php',
'OC\\Template\\Base' => $baseDir . '/lib/private/Template/Base.php',
'OC\\Template\\CSSResourceLocator' => $baseDir . '/lib/private/Template/CSSResourceLocator.php',
+ 'OC\\Template\\JSConfigHelper' => $baseDir . '/lib/private/Template/JSConfigHelper.php',
'OC\\Template\\JSResourceLocator' => $baseDir . '/lib/private/Template/JSResourceLocator.php',
'OC\\Template\\ResourceLocator' => $baseDir . '/lib/private/Template/ResourceLocator.php',
'OC\\Template\\ResourceNotFoundException' => $baseDir . '/lib/private/Template/ResourceNotFoundException.php',
diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
index 43e3fc3de34..c9bdc5305fe 100644
--- a/lib/composer/composer/autoload_static.php
+++ b/lib/composer/composer/autoload_static.php
@@ -432,6 +432,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OC\\Core\\Controller\\AvatarController' => __DIR__ . '/../../..' . '/core/Controller/AvatarController.php',
'OC\\Core\\Controller\\LoginController' => __DIR__ . '/../../..' . '/core/Controller/LoginController.php',
'OC\\Core\\Controller\\LostController' => __DIR__ . '/../../..' . '/core/Controller/LostController.php',
+ 'OC\\Core\\Controller\\OCJSController' => __DIR__ . '/../../..' . '/core/Controller/OCJSController.php',
'OC\\Core\\Controller\\OCSController' => __DIR__ . '/../../..' . '/core/Controller/OCSController.php',
'OC\\Core\\Controller\\SetupController' => __DIR__ . '/../../..' . '/core/Controller/SetupController.php',
'OC\\Core\\Controller\\TwoFactorChallengeController' => __DIR__ . '/../../..' . '/core/Controller/TwoFactorChallengeController.php',
@@ -782,6 +783,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OC\\TemplateLayout' => __DIR__ . '/../../..' . '/lib/private/TemplateLayout.php',
'OC\\Template\\Base' => __DIR__ . '/../../..' . '/lib/private/Template/Base.php',
'OC\\Template\\CSSResourceLocator' => __DIR__ . '/../../..' . '/lib/private/Template/CSSResourceLocator.php',
+ 'OC\\Template\\JSConfigHelper' => __DIR__ . '/../../..' . '/lib/private/Template/JSConfigHelper.php',
'OC\\Template\\JSResourceLocator' => __DIR__ . '/../../..' . '/lib/private/Template/JSResourceLocator.php',
'OC\\Template\\ResourceLocator' => __DIR__ . '/../../..' . '/lib/private/Template/ResourceLocator.php',
'OC\\Template\\ResourceNotFoundException' => __DIR__ . '/../../..' . '/lib/private/Template/ResourceNotFoundException.php',
diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php
index 97faa0edf49..8fe9b4dca03 100644
--- a/lib/private/AppFramework/DependencyInjection/DIContainer.php
+++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php
@@ -380,7 +380,8 @@ class DIContainer extends SimpleContainer implements IAppContainer {
$app->isLoggedIn(),
$app->isAdminUser(),
$app->getServer()->getContentSecurityPolicyManager(),
- $app->getServer()->getCsrfTokenManager()
+ $app->getServer()->getCsrfTokenManager(),
+ $app->getServer()->getContentSecurityPolicyNonceManager()
);
});
diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
index 6c33c0023ea..183e55740ea 100644
--- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
@@ -36,6 +36,7 @@ use OC\AppFramework\Middleware\Security\Exceptions\NotLoggedInException;
use OC\AppFramework\Middleware\Security\Exceptions\StrictCookieMissingException;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Security\CSP\ContentSecurityPolicyManager;
+use OC\Security\CSP\ContentSecurityPolicyNonceManager;
use OC\Security\CSRF\CsrfTokenManager;
use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\EmptyContentSecurityPolicy;
@@ -80,6 +81,8 @@ class SecurityMiddleware extends Middleware {
private $contentSecurityPolicyManager;
/** @var CsrfTokenManager */
private $csrfTokenManager;
+ /** @var ContentSecurityPolicyNonceManager */
+ private $cspNonceManager;
/**
* @param IRequest $request
@@ -92,6 +95,7 @@ class SecurityMiddleware extends Middleware {
* @param bool $isAdminUser
* @param ContentSecurityPolicyManager $contentSecurityPolicyManager
* @param CSRFTokenManager $csrfTokenManager
+ * @param ContentSecurityPolicyNonceManager $cspNonceManager
*/
public function __construct(IRequest $request,
ControllerMethodReflector $reflector,
@@ -102,7 +106,8 @@ class SecurityMiddleware extends Middleware {
$isLoggedIn,
$isAdminUser,
ContentSecurityPolicyManager $contentSecurityPolicyManager,
- CsrfTokenManager $csrfTokenManager) {
+ CsrfTokenManager $csrfTokenManager,
+ ContentSecurityPolicyNonceManager $cspNonceManager) {
$this->navigationManager = $navigationManager;
$this->request = $request;
$this->reflector = $reflector;
@@ -113,6 +118,7 @@ class SecurityMiddleware extends Middleware {
$this->isAdminUser = $isAdminUser;
$this->contentSecurityPolicyManager = $contentSecurityPolicyManager;
$this->csrfTokenManager = $csrfTokenManager;
+ $this->cspNonceManager = $cspNonceManager;
}
@@ -177,23 +183,6 @@ class SecurityMiddleware extends Middleware {
}
- private function browserSupportsCspV3() {
- $browserWhitelist = [
- // Chrome 40+
- '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[4-9][0-9].[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/',
- // Firefox 45+
- '/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/',
- // Safari 10+
- '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/1[0-9.]+ Safari\/[0-9.A-Z]+$/',
- ];
-
- if($this->request->isUserAgent($browserWhitelist)) {
- return true;
- }
-
- return false;
- }
-
/**
* Performs the default CSP modifications that may be injected by other
* applications
@@ -213,7 +202,7 @@ class SecurityMiddleware extends Middleware {
$defaultPolicy = $this->contentSecurityPolicyManager->getDefaultPolicy();
$defaultPolicy = $this->contentSecurityPolicyManager->mergePolicies($defaultPolicy, $policy);
- if($this->browserSupportsCspV3()) {
+ if($this->cspNonceManager->browserSupportsCspV3()) {
$defaultPolicy->useJsNonce($this->csrfTokenManager->getToken()->getEncryptedValue());
}
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 0482ea49e5c..e6a39b12a42 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -22,6 +22,7 @@
namespace OC\Security\CSP;
use OC\Security\CSRF\CsrfTokenManager;
+use OCP\IRequest;
/**
* @package OC\Security\CSP
@@ -29,14 +30,19 @@ use OC\Security\CSRF\CsrfTokenManager;
class ContentSecurityPolicyNonceManager {
/** @var CsrfTokenManager */
private $csrfTokenManager;
+ /** @var IRequest */
+ private $request;
/** @var string */
private $nonce = '';
/**
* @param CsrfTokenManager $csrfTokenManager
+ * @param IRequest $request
*/
- public function __construct(CsrfTokenManager $csrfTokenManager) {
+ public function __construct(CsrfTokenManager $csrfTokenManager,
+ IRequest $request) {
$this->csrfTokenManager = $csrfTokenManager;
+ $this->request = $request;
}
/**
@@ -51,4 +57,26 @@ class ContentSecurityPolicyNonceManager {
return $this->nonce;
}
+
+ /**
+ * Check if the browser supports CSP v3
+ *
+ * @return bool
+ */
+ public function browserSupportsCspV3() {
+ $browserWhitelist = [
+ // Chrome 40+
+ '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[4-9][0-9].[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/',
+ // Firefox 45+
+ '/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/',
+ // Safari 10+
+ '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/1[0-9.]+ Safari\/[0-9.A-Z]+$/',
+ ];
+
+ if($this->request->isUserAgent($browserWhitelist)) {
+ return true;
+ }
+
+ return false;
+ }
}
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 1ccc27802d2..21ec311401d 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -711,7 +711,8 @@ class Server extends ServerContainer implements IServerContainer {
});
$this->registerService('ContentSecurityPolicyNonceManager', function(Server $c) {
return new ContentSecurityPolicyNonceManager(
- $c->getCsrfTokenManager()
+ $c->getCsrfTokenManager(),
+ $c->getRequest()
);
});
$this->registerService('ShareManager', function(Server $c) {
diff --git a/lib/private/Template/JSConfigHelper.php b/lib/private/Template/JSConfigHelper.php
new file mode 100644
index 00000000000..a7f8c251cee
--- /dev/null
+++ b/lib/private/Template/JSConfigHelper.php
@@ -0,0 +1,243 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OC\Template;
+
+use bantu\IniGetWrapper\IniGetWrapper;
+use OCP\App\IAppManager;
+use OCP\IConfig;
+use OCP\IGroupManager;
+use OCP\IL10N;
+use OCP\IURLGenerator;
+use OCP\IUser;
+
+class JSConfigHelper {
+
+ /** @var IL10N */
+ private $l;
+
+ /** @var \OC_Defaults */
+ private $defaults;
+
+ /** @var IAppManager */
+ private $appManager;
+
+ /** @var IUser */
+ private $currentUser;
+
+ /** @var IConfig */
+ private $config;
+
+ /** @var IGroupManager */
+ private $groupManager;
+
+ /** @var IniGetWrapper */
+ private $iniWrapper;
+
+ /** @var IURLGenerator */
+ private $urlGenerator;
+
+ /**
+ * @param IL10N $l
+ * @param \OC_Defaults $defaults
+ * @param IAppManager $appManager
+ * @param IUser|null $currentUser
+ * @param IConfig $config
+ * @param IGroupManager $groupManager
+ * @param IniGetWrapper $iniWrapper
+ * @param IURLGenerator $urlGenerator
+ */
+ public function __construct(IL10N $l,
+ \OC_Defaults $defaults,
+ IAppManager $appManager,
+ $currentUser,
+ IConfig $config,
+ IGroupManager $groupManager,
+ IniGetWrapper $iniWrapper,
+ IURLGenerator $urlGenerator) {
+ $this->l = $l;
+ $this->defaults = $defaults;
+ $this->appManager = $appManager;
+ $this->currentUser = $currentUser;
+ $this->config = $config;
+ $this->groupManager = $groupManager;
+ $this->iniWrapper = $iniWrapper;
+ $this->urlGenerator = $urlGenerator;
+ }
+
+ public function getConfig() {
+
+ if ($this->currentUser !== null) {
+ $uid = $this->currentUser->getUID();
+ } else {
+ $uid = null;
+ }
+
+ // Get the config
+ $apps_paths = [];
+
+ if ($this->currentUser === null) {
+ $apps = $this->appManager->getInstalledApps();
+ } else {
+ $apps = $this->appManager->getEnabledAppsForUser($this->currentUser);
+ }
+
+ foreach($apps as $app) {
+ $apps_paths[$app] = \OC_App::getAppWebPath($app);
+ }
+
+ $defaultExpireDateEnabled = $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no') === 'yes';
+ $defaultExpireDate = $enforceDefaultExpireDate = null;
+ if ($defaultExpireDateEnabled) {
+ $defaultExpireDate = (int) $this->config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
+ $enforceDefaultExpireDate = $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
+ }
+ $outgoingServer2serverShareEnabled = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';
+
+ $countOfDataLocation = 0;
+ $dataLocation = str_replace(\OC::$SERVERROOT .'/', '', $this->config->getSystemValue('datadirectory', ''), $countOfDataLocation);
+ if($countOfDataLocation !== 1 || !$this->groupManager->isAdmin($uid)) {
+ $dataLocation = false;
+ }
+
+ $array = [
+ "oc_debug" => $this->config->getSystemValue('debug', false) ? 'true' : 'false',
+ "oc_isadmin" => $this->groupManager->isAdmin($uid) ? 'true' : 'false',
+ "oc_dataURL" => is_string($dataLocation) ? "\"".$dataLocation."\"" : 'false',
+ "oc_webroot" => "\"".\OC::$WEBROOT."\"",
+ "oc_appswebroots" => str_replace('\\/', '/', json_encode($apps_paths)), // Ugly unescape slashes waiting for better solution
+ "datepickerFormatDate" => json_encode($this->l->l('jsdate', null)),
+ "dayNames" => json_encode([
+ (string)$this->l->t('Sunday'),
+ (string)$this->l->t('Monday'),
+ (string)$this->l->t('Tuesday'),
+ (string)$this->l->t('Wednesday'),
+ (string)$this->l->t('Thursday'),
+ (string)$this->l->t('Friday'),
+ (string)$this->l->t('Saturday')
+ ]),
+ "dayNamesShort" => json_encode([
+ (string)$this->l->t('Sun.'),
+ (string)$this->l->t('Mon.'),
+ (string)$this->l->t('Tue.'),
+ (string)$this->l->t('Wed.'),
+ (string)$this->l->t('Thu.'),
+ (string)$this->l->t('Fri.'),
+ (string)$this->l->t('Sat.')
+ ]),
+ "dayNamesMin" => json_encode([
+ (string)$this->l->t('Su'),
+ (string)$this->l->t('Mo'),
+ (string)$this->l->t('Tu'),
+ (string)$this->l->t('We'),
+ (string)$this->l->t('Th'),
+ (string)$this->l->t('Fr'),
+ (string)$this->l->t('Sa')
+ ]),
+ "monthNames" => json_encode([
+ (string)$this->l->t('January'),
+ (string)$this->l->t('February'),
+ (string)$this->l->t('March'),
+ (string)$this->l->t('April'),
+ (string)$this->l->t('May'),
+ (string)$this->l->t('June'),
+ (string)$this->l->t('July'),
+ (string)$this->l->t('August'),
+ (string)$this->l->t('September'),
+ (string)$this->l->t('October'),
+ (string)$this->l->t('November'),
+ (string)$this->l->t('December')
+ ]),
+ "monthNamesShort" => json_encode([
+ (string)$this->l->t('Jan.'),
+ (string)$this->l->t('Feb.'),
+ (string)$this->l->t('Mar.'),
+ (string)$this->l->t('Apr.'),
+ (string)$this->l->t('May.'),
+ (string)$this->l->t('Jun.'),
+ (string)$this->l->t('Jul.'),
+ (string)$this->l->t('Aug.'),
+ (string)$this->l->t('Sep.'),
+ (string)$this->l->t('Oct.'),
+ (string)$this->l->t('Nov.'),
+ (string)$this->l->t('Dec.')
+ ]),
+ "firstDay" => json_encode($this->l->l('firstday', null)) ,
+ "oc_config" => json_encode([
+ 'session_lifetime' => min($this->config->getSystemValue('session_lifetime', $this->iniWrapper->getNumeric('session.gc_maxlifetime')), $this->iniWrapper->getNumeric('session.gc_maxlifetime')),
+ 'session_keepalive' => $this->config->getSystemValue('session_keepalive', true),
+ 'version' => implode('.', \OCP\Util::getVersion()),
+ 'versionstring' => \OC_Util::getVersionString(),
+ 'enable_avatars' => $this->config->getSystemValue('enable_avatars', true) === true,
+ 'lost_password_link'=> $this->config->getSystemValue('lost_password_link', null),
+ 'modRewriteWorking' => (getenv('front_controller_active') === 'true'),
+ ]),
+ "oc_appconfig" => json_encode([
+ 'core' => [
+ 'defaultExpireDateEnabled' => $defaultExpireDateEnabled,
+ 'defaultExpireDate' => $defaultExpireDate,
+ 'defaultExpireDateEnforced' => $enforceDefaultExpireDate,
+ 'enforcePasswordForPublicLink' => \OCP\Util::isPublicLinkPasswordRequired(),
+ 'sharingDisabledForUser' => \OCP\Util::isSharingDisabledForUser(),
+ 'resharingAllowed' => \OCP\Share::isResharingAllowed(),
+ 'remoteShareAllowed' => $outgoingServer2serverShareEnabled,
+ 'federatedCloudShareDoc' => $this->urlGenerator->linkToDocs('user-sharing-federated'),
+ 'allowGroupSharing' => \OC::$server->getShareManager()->allowGroupSharing()
+ ]
+ ]),
+ "oc_defaults" => json_encode([
+ 'entity' => $this->defaults->getEntity(),
+ 'name' => $this->defaults->getName(),
+ 'title' => $this->defaults->getTitle(),
+ 'baseUrl' => $this->defaults->getBaseUrl(),
+ 'syncClientUrl' => $this->defaults->getSyncClientUrl(),
+ 'docBaseUrl' => $this->defaults->getDocBaseUrl(),
+ 'docPlaceholderUrl' => $this->defaults->buildDocLinkToKey('PLACEHOLDER'),
+ 'slogan' => $this->defaults->getSlogan(),
+ 'logoClaim' => $this->defaults->getLogoClaim(),
+ 'shortFooter' => $this->defaults->getShortFooter(),
+ 'longFooter' => $this->defaults->getLongFooter(),
+ 'folder' => \OC_Util::getTheme(),
+ ]),
+ ];
+
+ if ($this->currentUser !== null) {
+ $array['oc_userconfig'] = json_encode([
+ 'avatar' => [
+ 'version' => (int)$this->config->getUserValue($uid, 'avatar', 'version', 0),
+ ]
+ ]);
+ }
+
+ // Allow hooks to modify the output values
+ \OC_Hook::emit('\OCP\Config', 'js', array('array' => &$array));
+
+ $result = '';
+
+ // Echo it
+ foreach ($array as $setting => $value) {
+ $result .= 'var '. $setting . '='. $value . ';' . PHP_EOL;
+ }
+
+ return $result;
+ }
+}
diff --git a/lib/private/TemplateLayout.php b/lib/private/TemplateLayout.php
index da845d80d04..9f89174e7f9 100644
--- a/lib/private/TemplateLayout.php
+++ b/lib/private/TemplateLayout.php
@@ -43,6 +43,7 @@ use Assetic\Filter\CssMinFilter;
use Assetic\Filter\CssRewriteFilter;
use Assetic\Filter\JSqueezeFilter;
use Assetic\Filter\SeparatorFilter;
+use OC\Template\JSConfigHelper;
class TemplateLayout extends \OC_Template {
@@ -142,7 +143,22 @@ class TemplateLayout extends \OC_Template {
$jsFiles = self::findJavascriptFiles(\OC_Util::$scripts);
$this->assign('jsfiles', array());
if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
- $this->append( 'jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
+ if (\OC::$server->getContentSecurityPolicyNonceManager()->browserSupportsCspV3()) {
+ $jsConfigHelper = new JSConfigHelper(
+ \OC::$server->getL10N('core'),
+ \OC::$server->getThemingDefaults(),
+ \OC::$server->getAppManager(),
+ \OC::$server->getUserSession()->getUser(),
+ \OC::$server->getConfig(),
+ \OC::$server->getGroupManager(),
+ \OC::$server->getIniWrapper(),
+ \OC::$server->getURLGenerator()
+ );
+ $this->assign('inline_ocjs', $jsConfigHelper->getConfig());
+ $this->assign('foo', 'bar');
+ } else {
+ $this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('core.OCJS.getConfig', ['v' => self::$versionHash]));
+ }
}
foreach($jsFiles as $info) {
$web = $info[1];
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-17 08:41:36 +0000