8 files changed, 465 insertions, 326 deletions
diff --git a/lib/public/appframework/controller.php b/lib/public/appframework/controller.php
index 973c9044684..c3744683300 100644
--- a/lib/public/appframework/controller.php
+++ b/lib/public/appframework/controller.php
@@ -72,7 +72,7 @@ abstract class Controller {
 	 * @since 6.0.0 - parameter $appName was added in 7.0.0 - parameter $app was removed in 7.0.0
 	 */
 	public function __construct($appName,
-	                            IRequest $request){
+	                            IRequest $request) {
 		$this->appName = $appName;
 		$this->request = $request;
 
diff --git a/lib/public/appframework/http/contentsecuritypolicy.php b/lib/public/appframework/http/contentsecuritypolicy.php
index 35da4f05e80..7762ca809a2 100644
--- a/lib/public/appframework/http/contentsecuritypolicy.php
+++ b/lib/public/appframework/http/contentsecuritypolicy.php
@@ -38,17 +38,17 @@ use OCP\AppFramework\Http;
  * @package OCP\AppFramework\Http
  * @since 8.1.0
  */
-class ContentSecurityPolicy {
+class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
 	/** @var bool Whether inline JS snippets are allowed */
-	private $inlineScriptAllowed = false;
+	protected $inlineScriptAllowed = false;
 	/**
 	 * @var bool Whether eval in JS scripts is allowed
 	 * TODO: Disallow per default
 	 * @link https://github.com/owncloud/core/issues/11925
 	 */
-	private $evalScriptAllowed = true;
+	protected $evalScriptAllowed = true;
 	/** @var array Domains from which scripts can get loaded */
-	private $allowedScriptDomains = [
+	protected $allowedScriptDomains = [
 		'\'self\'',
 	];
 	/**
@@ -56,342 +56,33 @@ class ContentSecurityPolicy {
 	 * TODO: Disallow per default
 	 * @link https://github.com/owncloud/core/issues/13458
 	 */
-	private $inlineStyleAllowed = true;
+	protected $inlineStyleAllowed = true;
 	/** @var array Domains from which CSS can get loaded */
-	private $allowedStyleDomains = [
+	protected $allowedStyleDomains = [
 		'\'self\'',
 	];
 	/** @var array Domains from which images can get loaded */
-	private $allowedImageDomains = [
+	protected $allowedImageDomains = [
 		'\'self\'',
 		'data:',
 		'blob:',
 	];
 	/** @var array Domains to which connections can be done */
-	private $allowedConnectDomains = [
+	protected $allowedConnectDomains = [
 		'\'self\'',
 	];
 	/** @var array Domains from which media elements can be loaded */
-	private $allowedMediaDomains = [
+	protected $allowedMediaDomains = [
 		'\'self\'',
 	];
 	/** @var array Domains from which object elements can be loaded */
-	private $allowedObjectDomains = [];
+	protected $allowedObjectDomains = [];
 	/** @var array Domains from which iframes can be loaded */
-	private $allowedFrameDomains = [];
+	protected $allowedFrameDomains = [];
 	/** @var array Domains from which fonts can be loaded */
-	private $allowedFontDomains = [
+	protected $allowedFontDomains = [
 		'\'self\'',
 	];
 	/** @var array Domains from which web-workers and nested browsing content can load elements */
-	private $allowedChildSrcDomains = [];
-
-	/**
-	 * Whether inline JavaScript snippets are allowed or forbidden
-	 * @param bool $state
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function allowInlineScript($state = false) {
-		$this->inlineScriptAllowed = $state;
-		return $this;
-	}
-
-	/**
-	 * Whether eval in JavaScript is allowed or forbidden
-	 * @param bool $state
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function allowEvalScript($state = true) {
-		$this->evalScriptAllowed = $state;
-		return $this;
-	}
-
-	/**
-	 * Allows to execute JavaScript files from a specific domain. Use * to
-	 * allow JavaScript from all domains.
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedScriptDomain($domain) {
-		$this->allowedScriptDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed script domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowScriptDomain($domain) {
-		$this->allowedScriptDomains = array_diff($this->allowedScriptDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * Whether inline CSS snippets are allowed or forbidden
-	 * @param bool $state
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function allowInlineStyle($state = true) {
-		$this->inlineStyleAllowed = $state;
-		return $this;
-	}
-
-	/**
-	 * Allows to execute CSS files from a specific domain. Use * to allow
-	 * CSS from all domains.
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedStyleDomain($domain) {
-		$this->allowedStyleDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed style domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowStyleDomain($domain) {
-		$this->allowedStyleDomains = array_diff($this->allowedStyleDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * Allows using fonts from a specific domain. Use * to allow
-	 * fonts from all domains.
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedFontDomain($domain) {
-		$this->allowedFontDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed font domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowFontDomain($domain) {
-		$this->allowedFontDomains = array_diff($this->allowedFontDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * Allows embedding images from a specific domain. Use * to allow
-	 * images from all domains.
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedImageDomain($domain) {
-		$this->allowedImageDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed image domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowImageDomain($domain) {
-		$this->allowedImageDomains = array_diff($this->allowedImageDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * To which remote domains the JS connect to.
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedConnectDomain($domain) {
-		$this->allowedConnectDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed connect domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowConnectDomain($domain) {
-		$this->allowedConnectDomains = array_diff($this->allowedConnectDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * From which domains media elements can be embedded.
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedMediaDomain($domain) {
-		$this->allowedMediaDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed media domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowMediaDomain($domain) {
-		$this->allowedMediaDomains = array_diff($this->allowedMediaDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * From which domains objects such as <object>, <embed> or <applet> are executed
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedObjectDomain($domain) {
-		$this->allowedObjectDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed object domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowObjectDomain($domain) {
-		$this->allowedObjectDomains = array_diff($this->allowedObjectDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * Which domains can be embedded in an iframe
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedFrameDomain($domain) {
-		$this->allowedFrameDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed frame domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowFrameDomain($domain) {
-		$this->allowedFrameDomains = array_diff($this->allowedFrameDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * Domains from which web-workers and nested browsing content can load elements
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function addAllowedChildSrcDomain($domain) {
-		$this->allowedChildSrcDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed child src domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 */
-	public function disallowChildSrcDomain($domain) {
-		$this->allowedChildSrcDomains = array_diff($this->allowedChildSrcDomains, [$domain]);
-		return $this;
-	}
-
-	/**
-	 * Get the generated Content-Security-Policy as a string
-	 * @return string
-	 * @since 8.1.0
-	 */
-	public function buildPolicy() {
-		$policy = "default-src 'none';";
-
-		if(!empty($this->allowedScriptDomains)) {
-			$policy .= 'script-src ' . implode(' ', $this->allowedScriptDomains);
-			if($this->inlineScriptAllowed) {
-				$policy .= ' \'unsafe-inline\'';
-			}
-			if($this->evalScriptAllowed) {
-				$policy .= ' \'unsafe-eval\'';
-			}
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedStyleDomains)) {
-			$policy .= 'style-src ' . implode(' ', $this->allowedStyleDomains);
-			if($this->inlineStyleAllowed) {
-				$policy .= ' \'unsafe-inline\'';
-			}
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedImageDomains)) {
-			$policy .= 'img-src ' . implode(' ', $this->allowedImageDomains);
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedFontDomains)) {
-			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedConnectDomains)) {
-			$policy .= 'connect-src ' . implode(' ', $this->allowedConnectDomains);
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedMediaDomains)) {
-			$policy .= 'media-src ' . implode(' ', $this->allowedMediaDomains);
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedObjectDomains)) {
-			$policy .= 'object-src ' . implode(' ', $this->allowedObjectDomains);
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedFrameDomains)) {
-			$policy .= 'frame-src ' . implode(' ', $this->allowedFrameDomains);
-			$policy .= ';';
-		}
-
-		if(!empty($this->allowedChildSrcDomains)) {
-			$policy .= 'child-src ' . implode(' ', $this->allowedChildSrcDomains);
-			$policy .= ';';
-		}
-
-		return rtrim($policy, ';');
-	}
+	protected $allowedChildSrcDomains = [];
 }
diff --git a/lib/public/appframework/http/emptycontentsecuritypolicy.php b/lib/public/appframework/http/emptycontentsecuritypolicy.php
new file mode 100644
index 00000000000..33860dcdb0f
--- /dev/null
+++ b/lib/public/appframework/http/emptycontentsecuritypolicy.php
@@ -0,0 +1,387 @@
+<?php
+/**
+ * @author Lukas Reschke <lukas@owncloud.com>
+ * @author Morris Jobke <hey@morrisjobke.de>
+ * @author sualko <klaus@jsxc.org>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCP\AppFramework\Http;
+
+use OCP\AppFramework\Http;
+
+/**
+ * Class EmptyContentSecurityPolicy is a simple helper which allows applications
+ * to modify the Content-Security-Policy sent by ownCloud. Per default the policy
+ * is forbidding everything.
+ *
+ * As alternative with sane exemptions look at ContentSecurityPolicy
+ *
+ * @see \OCP\AppFramework\Http\ContentSecurityPolicy
+ * @package OCP\AppFramework\Http
+ * @since 9.0.0
+ */
+class EmptyContentSecurityPolicy {
+	/** @var bool Whether inline JS snippets are allowed */
+	protected $inlineScriptAllowed = null;
+	/**
+	 * @var bool Whether eval in JS scripts is allowed
+	 * TODO: Disallow per default
+	 * @link https://github.com/owncloud/core/issues/11925
+	 */
+	protected $evalScriptAllowed = null;
+	/** @var array Domains from which scripts can get loaded */
+	protected $allowedScriptDomains = null;
+	/**
+	 * @var bool Whether inline CSS is allowed
+	 * TODO: Disallow per default
+	 * @link https://github.com/owncloud/core/issues/13458
+	 */
+	protected $inlineStyleAllowed = null;
+	/** @var array Domains from which CSS can get loaded */
+	protected $allowedStyleDomains = null;
+	/** @var array Domains from which images can get loaded */
+	protected $allowedImageDomains = null;
+	/** @var array Domains to which connections can be done */
+	protected $allowedConnectDomains = null;
+	/** @var array Domains from which media elements can be loaded */
+	protected $allowedMediaDomains = null;
+	/** @var array Domains from which object elements can be loaded */
+	protected $allowedObjectDomains = null;
+	/** @var array Domains from which iframes can be loaded */
+	protected $allowedFrameDomains = null;
+	/** @var array Domains from which fonts can be loaded */
+	protected $allowedFontDomains = null;
+	/** @var array Domains from which web-workers and nested browsing content can load elements */
+	protected $allowedChildSrcDomains = null;
+
+	/**
+	 * Whether inline JavaScript snippets are allowed or forbidden
+	 * @param bool $state
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function allowInlineScript($state = false) {
+		$this->inlineScriptAllowed = $state;
+		return $this;
+	}
+
+	/**
+	 * Whether eval in JavaScript is allowed or forbidden
+	 * @param bool $state
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function allowEvalScript($state = true) {
+		$this->evalScriptAllowed = $state;
+		return $this;
+	}
+
+	/**
+	 * Allows to execute JavaScript files from a specific domain. Use * to
+	 * allow JavaScript from all domains.
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedScriptDomain($domain) {
+		$this->allowedScriptDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed script domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowScriptDomain($domain) {
+		$this->allowedScriptDomains = array_diff($this->allowedScriptDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * Whether inline CSS snippets are allowed or forbidden
+	 * @param bool $state
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function allowInlineStyle($state = true) {
+		$this->inlineStyleAllowed = $state;
+		return $this;
+	}
+
+	/**
+	 * Allows to execute CSS files from a specific domain. Use * to allow
+	 * CSS from all domains.
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedStyleDomain($domain) {
+		$this->allowedStyleDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed style domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowStyleDomain($domain) {
+		$this->allowedStyleDomains = array_diff($this->allowedStyleDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * Allows using fonts from a specific domain. Use * to allow
+	 * fonts from all domains.
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedFontDomain($domain) {
+		$this->allowedFontDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed font domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowFontDomain($domain) {
+		$this->allowedFontDomains = array_diff($this->allowedFontDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * Allows embedding images from a specific domain. Use * to allow
+	 * images from all domains.
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedImageDomain($domain) {
+		$this->allowedImageDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed image domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowImageDomain($domain) {
+		$this->allowedImageDomains = array_diff($this->allowedImageDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * To which remote domains the JS connect to.
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedConnectDomain($domain) {
+		$this->allowedConnectDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed connect domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowConnectDomain($domain) {
+		$this->allowedConnectDomains = array_diff($this->allowedConnectDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * From which domains media elements can be embedded.
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedMediaDomain($domain) {
+		$this->allowedMediaDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed media domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowMediaDomain($domain) {
+		$this->allowedMediaDomains = array_diff($this->allowedMediaDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * From which domains objects such as <object>, <embed> or <applet> are executed
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedObjectDomain($domain) {
+		$this->allowedObjectDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed object domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowObjectDomain($domain) {
+		$this->allowedObjectDomains = array_diff($this->allowedObjectDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * Which domains can be embedded in an iframe
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedFrameDomain($domain) {
+		$this->allowedFrameDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed frame domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowFrameDomain($domain) {
+		$this->allowedFrameDomains = array_diff($this->allowedFrameDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * Domains from which web-workers and nested browsing content can load elements
+	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function addAllowedChildSrcDomain($domain) {
+		$this->allowedChildSrcDomains[] = $domain;
+		return $this;
+	}
+
+	/**
+	 * Remove the specified allowed child src domain from the allowed domains.
+	 *
+	 * @param string $domain
+	 * @return $this
+	 * @since 8.1.0
+	 */
+	public function disallowChildSrcDomain($domain) {
+		$this->allowedChildSrcDomains = array_diff($this->allowedChildSrcDomains, [$domain]);
+		return $this;
+	}
+
+	/**
+	 * Get the generated Content-Security-Policy as a string
+	 * @return string
+	 * @since 8.1.0
+	 */
+	public function buildPolicy() {
+		$policy = "default-src 'none';";
+
+		if(!empty($this->allowedScriptDomains) || $this->inlineScriptAllowed || $this->evalScriptAllowed) {
+			$policy .= 'script-src ';
+			if(is_array($this->allowedScriptDomains)) {
+				$policy .= implode(' ', $this->allowedScriptDomains);
+			}
+			if($this->inlineScriptAllowed) {
+				$policy .= ' \'unsafe-inline\'';
+			}
+			if($this->evalScriptAllowed) {
+				$policy .= ' \'unsafe-eval\'';
+			}
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedStyleDomains) || $this->inlineStyleAllowed) {
+			$policy .= 'style-src ';
+			if(is_array($this->allowedStyleDomains)) {
+				$policy .= implode(' ', $this->allowedStyleDomains);
+			}
+			if($this->inlineStyleAllowed) {
+				$policy .= ' \'unsafe-inline\'';
+			}
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedImageDomains)) {
+			$policy .= 'img-src ' . implode(' ', $this->allowedImageDomains);
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedFontDomains)) {
+			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedConnectDomains)) {
+			$policy .= 'connect-src ' . implode(' ', $this->allowedConnectDomains);
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedMediaDomains)) {
+			$policy .= 'media-src ' . implode(' ', $this->allowedMediaDomains);
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedObjectDomains)) {
+			$policy .= 'object-src ' . implode(' ', $this->allowedObjectDomains);
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedFrameDomains)) {
+			$policy .= 'frame-src ' . implode(' ', $this->allowedFrameDomains);
+			$policy .= ';';
+		}
+
+		if(!empty($this->allowedChildSrcDomains)) {
+			$policy .= 'child-src ' . implode(' ', $this->allowedChildSrcDomains);
+			$policy .= ';';
+		}
+
+		return rtrim($policy, ';');
+	}
+}
diff --git a/lib/public/files/storagenotavailableexception.php b/lib/public/files/storagenotavailableexception.php
index 4572a69f047..f9ac79d66ec 100644
--- a/lib/public/files/storagenotavailableexception.php
+++ b/lib/public/files/storagenotavailableexception.php
@@ -54,7 +54,7 @@ class StorageNotAvailableException extends HintException {
 	 * @param \Exception $previous
 	 * @since 6.0.0
 	 */
-	public function __construct($message = '', $code = 0, \Exception $previous = null) {
+	public function __construct($message = '', $code = self::STATUS_ERROR, \Exception $previous = null) {
 		$l = \OC::$server->getL10N('core');
 		parent::__construct($message, $l->t('Storage not available'), $code, $previous);
 	}
diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php
index ce1364cc4ea..de48daeef88 100644
--- a/lib/public/iservercontainer.php
+++ b/lib/public/iservercontainer.php
@@ -42,6 +42,7 @@
 // use OCP namespace for all classes that are considered public.
 // This means that they should be used by apps instead of the internal ownCloud classes
 namespace OCP;
+use OCP\Security\IContentSecurityPolicyManager;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 
 
@@ -512,4 +513,10 @@ interface IServerContainer {
 	 * @since 9.0.0
 	 */
 	public function getShareManager();
+
+	/**
+	 * @return IContentSecurityPolicyManager
+	 * @since 9.0.0
+	 */
+	public function getContentSecurityPolicyManager();
 }
diff --git a/lib/public/security/icontentsecuritypolicymanager.php b/lib/public/security/icontentsecuritypolicymanager.php
new file mode 100644
index 00000000000..10f1efe995f
--- /dev/null
+++ b/lib/public/security/icontentsecuritypolicymanager.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * @author Lukas Reschke <lukas@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCP\Security;
+use OCP\AppFramework\Http\EmptyContentSecurityPolicy;
+
+/**
+ * Used for Content Security Policy manipulations
+ *
+ * @package OCP\Security
+ * @since 9.0.0
+ */
+interface IContentSecurityPolicyManager {
+	/**
+	 * Allows to inject something into the default content policy. This is for
+	 * example useful when you're injecting Javascript code into a view belonging
+	 * to another controller and cannot modify its Content-Security-Policy itself.
+	 * Note that the adjustment is only applied to applications that use AppFramework
+	 * controllers.
+	 *
+	 * To use this from your `app.php` use `\OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy)`,
+	 * $policy has to be of type `\OCP\AppFramework\Http\ContentSecurityPolicy`.
+	 *
+	 * WARNING: Using this API incorrectly may make the instance more insecure.
+	 * Do think twice before adding whitelisting resources. Please do also note
+	 * that it is not possible to use the `disallowXYZ` functions.
+	 *
+	 * @param EmptyContentSecurityPolicy $policy
+	 * @since 9.0.0
+	 */
+	public function addDefaultPolicy(EmptyContentSecurityPolicy $policy);
+}
diff --git a/lib/public/share/imanager.php b/lib/public/share/imanager.php
index 6531c14a857..b2d9953e9ef 100644
--- a/lib/public/share/imanager.php
+++ b/lib/public/share/imanager.php
@@ -88,15 +88,17 @@ interface IManager {
 
 	/**
 	 * Get shares shared with $user.
+	 * Filter by $node if provided
 	 *
 	 * @param IUser $user
 	 * @param int $shareType
+	 * @param File|Folder|null $node
 	 * @param int $limit The maximum number of shares returned, -1 for all
 	 * @param int $offset
 	 * @return IShare[]
 	 * @since 9.0.0
 	 */
-	public function getSharedWith(IUser $user, $shareType, $limit = 50, $offset = 0);
+	public function getSharedWith(IUser $user, $shareType, $node = null, $limit = 50, $offset = 0);
 
 	/**
 	 * Retrieve a share by the share id
diff --git a/lib/public/share/ishareprovider.php b/lib/public/share/ishareprovider.php
index 50964c88dd6..8507462cbed 100644
--- a/lib/public/share/ishareprovider.php
+++ b/lib/public/share/ishareprovider.php
@@ -23,6 +23,7 @@ namespace OCP\Share;
 
 use OC\Share20\Exception\ShareNotFound;
 use OC\Share20\Exception\BackendError;
+use OCP\Files\Node;
 use OCP\IUser;
 
 /**
@@ -116,12 +117,13 @@ interface IShareProvider {
 	 *
 	 * @param IUser $user get shares where this user is the recipient
 	 * @param int $shareType
+	 * @param Node|null $node
 	 * @param int $limit The max number of entries returned, -1 for all
 	 * @param int $offset
 	 * @return \OCP\Share\IShare[]
 	 * @since 9.0.0
 	 */
-	public function getSharedWith(IUser $user, $shareType, $limit, $offset);
+	public function getSharedWith(IUser $user, $shareType, $node, $limit, $offset);
 
 	/**
 	 * Get a share by token