aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Security/CSP/ContentSecurityPolicyManager.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/Security/CSP/ContentSecurityPolicyManager.php')
-rw-r--r--lib/private/Security/CSP/ContentSecurityPolicyManager.php7
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyManager.php b/lib/private/Security/CSP/ContentSecurityPolicyManager.php
index ff770435eda..4930dcb759c 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyManager.php
@@ -82,7 +82,12 @@ class ContentSecurityPolicyManager implements IContentSecurityPolicyManager {
$currentValues = \is_array($defaultPolicy->$getter()) ? $defaultPolicy->$getter() : [];
$defaultPolicy->$setter(array_values(array_unique(array_merge($currentValues, $value))));
} elseif (\is_bool($value)) {
- $defaultPolicy->$setter($value);
+ $getter = 'is'.ucfirst($name);
+ $currentValue = $defaultPolicy->$getter();
+ // true wins over false
+ if ($value > $currentValue) {
+ $defaultPolicy->$setter($value);
+ }
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-07 18:23:33 +0000