summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apps/files/controller/viewcontroller.php8
-rw-r--r--apps/files/tests/controller/ViewControllerTest.php3
2 files changed, 10 insertions, 1 deletions
diff --git a/apps/files/controller/viewcontroller.php b/apps/files/controller/viewcontroller.php
index 1d1a9111d19..d9c59592863 100644
--- a/apps/files/controller/viewcontroller.php
+++ b/apps/files/controller/viewcontroller.php
@@ -23,6 +23,7 @@ namespace OCA\Files\Controller;
use OC\AppFramework\Http\Request;
use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IL10N;
@@ -215,10 +216,15 @@ class ViewController extends Controller {
$params['appContents'] = $contentItems;
$this->navigationManager->setActiveEntry('files_index');
- return new TemplateResponse(
+ $response = new TemplateResponse(
$this->appName,
'index',
$params
);
+ $policy = new ContentSecurityPolicy();
+ $policy->addAllowedFrameDomain('\'self\'');
+ $response->setContentSecurityPolicy($policy);
+
+ return $response;
}
}
diff --git a/apps/files/tests/controller/ViewControllerTest.php b/apps/files/tests/controller/ViewControllerTest.php
index 028dfce8c58..0e8ab5e752d 100644
--- a/apps/files/tests/controller/ViewControllerTest.php
+++ b/apps/files/tests/controller/ViewControllerTest.php
@@ -245,6 +245,9 @@ class ViewControllerTest extends TestCase {
],
]
);
+ $policy = new Http\ContentSecurityPolicy();
+ $policy->addAllowedFrameDomain('\'self\'');
+ $expected->setContentSecurityPolicy($policy);
$this->assertEquals($expected, $this->viewController->index('MyDir', 'MyView'));
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-23 12:47:58 +0000