From a62190a72dc712cfc4f5a83e9c0bfbb0d761a8b6 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Wed, 20 May 2015 11:44:37 +0200
Subject: Add support for disallowing domains to the ContentSecurityPolicy

For enhanced security it is important that there is also a way to disallow domains, including the default ones. With this commit every method gets added a new "disallow" function.
---
 .../appframework/http/contentsecuritypolicy.php | 112 ++++++++++++++++++++-
 1 file changed, 110 insertions(+), 2 deletions(-)
(limited to 'lib')
diff --git a/lib/public/appframework/http/contentsecuritypolicy.php b/lib/public/appframework/http/contentsecuritypolicy.php
index be4b6e60f97..9c7218dc8ba 100644
--- a/lib/public/appframework/http/contentsecuritypolicy.php
+++ b/lib/public/appframework/http/contentsecuritypolicy.php
@@ -101,7 +101,7 @@ class ContentSecurityPolicy {
 * @since 8.1.0
 */
 public function allowEvalScript($state = true) {
- $this->evalScriptAllowed= $state;
+ $this->evalScriptAllowed = $state;
 return $this;
 }
 
@@ -117,6 +117,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed script domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowScriptDomain($domain) {
+ $this->allowedScriptDomains = array_diff($this->allowedScriptDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * Whether inline CSS snippets are allowed or forbidden
 * @param bool $state
@@ -140,6 +152,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed style domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowStyleDomain($domain) {
+ $this->allowedStyleDomains = array_diff($this->allowedStyleDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * Allows using fonts from a specific domain. Use * to allow
 * fonts from all domains.
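Review bot: `disallowScriptDomain()` only drops entries that are string-identical to `$domain`, because `array_diff()` compares string representations exactly; it does not block the host. A call with a constructed value such as `example.com` leaves `*`, `*.example.com`, `https://example.com` or `Example.com` in `allowedScriptDomains`, so the browser still accepts scripts from that host, and the method returns `$this` either way, so the caller gets no signal that nothing was removed. The docblock should say so, for example `@param string $domain Entry to remove; must match the stored value exactly, including scheme, wildcard and quoting. Removing a host does not override a broader entry such as *.` A later call to the corresponding allow method (outside the hunk) would presumably put the entry back, which is worth stating as well. The same applies to the other eight `disallow*Domain()` methods added in the following hunks.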
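Review bot: `disallowStyleDomain()` repeats the body of `disallowScriptDomain()` with only the property name changed, and the remaining hunks add seven more copies of it. A private helper that takes the current list and the domain and returns `array_values(array_diff($list, [$domain]))` would keep the matching rule in one place, so a later change such as case-insensitive comparison cannot be applied to some directives and missed on others. `array_values()` also restores sequential keys, which `array_diff()` does not; whether the code that builds the header string depends on that is not visible in this diff.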
@@ -152,6 +176,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed font domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowFontDomain($domain) {
+ $this->allowedFontDomains = array_diff($this->allowedFontDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * Allows embedding images from a specific domain. Use * to allow
 * images from all domains.
@@ -164,6 +200,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed image domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowImageDomain($domain) {
+ $this->allowedImageDomains = array_diff($this->allowedImageDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * To which remote domains the JS connect to.
 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
@@ -176,7 +224,19 @@ class ContentSecurityPolicy {
 }
 
 /**
- * From whoch domains media elements can be embedded.
+ * Remove the specified allowed connect domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowConnectDomain($domain) {
+ $this->allowedConnectDomains = array_diff($this->allowedConnectDomains, [$domain]);
+ return $this;
+ }
+
+ /**
+ * From which domains media elements can be embedded.
 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
 * @return $this
 * @since 8.1.0
@@ -186,6 +246,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed media domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowMediaDomain($domain) {
+ $this->allowedMediaDomains = array_diff($this->allowedMediaDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * From which domains objects such as , or are executed
 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
@@ -197,6 +269,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed object domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowObjectDomain($domain) {
+ $this->allowedObjectDomains = array_diff($this->allowedObjectDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * Which domains can be embedded in an iframe
 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
@@ -208,6 +292,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed frame domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowFrameDomain($domain) {
+ $this->allowedFrameDomains = array_diff($this->allowedFrameDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * Domains from which web-workers and nested browsing content can load elements
 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
@@ -219,6 +315,18 @@ class ContentSecurityPolicy {
 return $this;
 }
 
+ /**
+ * Remove the specified allowed child src domain from the allowed domains.
+ *
+ * @param string $domain
+ * @return $this
+ * @since 8.1.0
+ */
+ public function disallowChildSrcDomain($domain) {
+ $this->allowedChildSrcDomains = array_diff($this->allowedChildSrcDomains, [$domain]);
+ return $this;
+ }
+
 /**
 * Get the generated Content-Security-Policy as a string
 * @return string
--
cgit v1.2.3