diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2018-07-11 22:12:46 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-07-11 22:12:46 +0200 |
| commit | b2420441270a5dad910b4540c0ace6b953ea3219 (patch) | |
| tree | 9ce2f44075398a8fe8c0728695a79bf8c1bd6781 /lib | |
| parent | 3036b1d03d93267ff7fdda7a1e0682173aec2b98 (diff) | |
| parent | c21cee248cc470a99aca4351cdf8b71a3bba470e (diff) | |
| download | nextcloud-server-b2420441270a5dad910b4540c0ace6b953ea3219.tar.gz nextcloud-server-b2420441270a5dad910b4540c0ace6b953ea3219.zip | |
Merge pull request #10204 from nextcloud/fix/noid/strict_csp_eval
Disallow eval on the StrictEvalCSP
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php b/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php index c1d6093d880..b95d2c65e50 100644 --- a/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php +++ b/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php @@ -46,6 +46,6 @@ class StrictEvalContentSecurityPolicy extends ContentSecurityPolicy { * @since 14.0.0 */ public function __construct() { - $this->inlineStyleAllowed = false; + $this->evalScriptAllowed = false; } } |