summaryrefslogtreecommitdiffstats
path: root/lib/private/legacy/response.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/legacy/response.php')
-rw-r--r--lib/private/legacy/response.php3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/private/legacy/response.php b/lib/private/legacy/response.php
index 0ec27251ba5..69c84e2df68 100644
--- a/lib/private/legacy/response.php
+++ b/lib/private/legacy/response.php
@@ -33,6 +33,7 @@ class OC_Response {
const STATUS_NOT_MODIFIED = 304;
const STATUS_TEMPORARY_REDIRECT = 307;
const STATUS_BAD_REQUEST = 400;
+ const STATUS_FORBIDDEN = 403;
const STATUS_NOT_FOUND = 404;
const STATUS_INTERNAL_SERVER_ERROR = 500;
const STATUS_SERVICE_UNAVAILABLE = 503;
@@ -246,7 +247,7 @@ class OC_Response {
* @see \OCP\AppFramework\Http\Response::getHeaders
*/
$policy = 'default-src \'self\'; '
- . 'script-src \'self\' \'unsafe-eval\'; '
+ . 'script-src \'self\' \'unsafe-eval\' \'nonce-'.\OC::$server->getContentSecurityPolicyNonceManager()->getNonce().'\'; '
. 'style-src \'self\' \'unsafe-inline\'; '
. 'frame-src *; '
. 'img-src * data: blob:; '
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-08 13:38:01 +0000