4 files changed, 5 insertions, 6 deletions

diff --git a/apps/user_ldap/templates/renewpassword.php b/apps/user_ldap/templates/renewpassword.php
index 457d4dcfc47..952cc915f4b 100644
--- a/apps/user_ldap/templates/renewpassword.php
+++ b/apps/user_ldap/templates/renewpassword.php
@@ -1,8 +1,5 @@
 <?php /** @var $l OC_L10N */ ?>
 <?php
-script('core', [
-	'jquery-showpassword',
-]);
 script('user_ldap', [
 	'renewPassword',
 ]);
diff --git a/core/templates/installation.php b/core/templates/installation.php
index 7203f3c9e79..de9427a74d8 100644
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
@@ -1,6 +1,5 @@
 <?php
 script('core', [
-	'jquery-showpassword',
 	'installation'
 ]);
 ?>
diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
index 3fcef1d0efd..0a77e27d8c0 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
@@ -468,7 +468,11 @@ class EmptyContentSecurityPolicy {
 		}
 
 		if(!empty($this->allowedFrameDomains)) {
-			$policy .= 'frame-src ' . implode(' ', $this->allowedFrameDomains);
+			$policy .= 'frame-src ';
+			if(is_string($this->useJsNonce)) {
+				$policy .= '\'nonce-' . base64_encode($this->useJsNonce) . '\' ';
+			}
+			$policy .= implode(' ', $this->allowedFrameDomains);
 			$policy .= ';';
 		}
 
diff --git a/settings/templates/settings/personal/security.php b/settings/templates/settings/personal/security.php
index ee6c7ce0ace..b7983b7c5d9 100644
--- a/settings/templates/settings/personal/security.php
+++ b/settings/templates/settings/personal/security.php
@@ -28,7 +28,6 @@ script('settings', [
 
 if($_['passwordChangeSupported']) {
 	script('settings', 'security_password');
-	script('jquery-showpassword');
 }
 
 ?>