gabriel
/
nextcloud_ynh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge pull request #84 from YunoHost-Apps/fix_logout 

Fix logout (#83)
pull/81/head
Maniack Crudelis 8 years ago
committed by GitHub
parent
c1dd48d70a 68c2f41da6
commit
d3ea430d93
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 33 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 0
      sources/patches/app-00-add-logout_url-conf.patch
  2. 66
      sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch

0
sources/patches/00-add-logout_url-conf.patch → sources/patches/app-00-add-logout_url-conf.patch
View File

66
patches/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch → sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
View File

@ -1,33 +1,33 @@
lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 85ae127f5f..91618a09fc 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
* @return bool
*/
public function browserSupportsCspV3() {
+ // YunoHost patch: disable CSPv3 nonces to:
+ // - avoid white page on first login from YunoHost portal
+ // - allow YunoHost tile display
+ return false;
$browserWhitelist = [
Request::USER_AGENT_CHROME,
// Firefox 45+
diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
index 64d4eb6e5d..59d5885620 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
if(!empty($this->allowedFontDomains)) {
$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
- $policy .= ';';
+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
+ $policy .= ' data:;';
}
if(!empty($this->allowedConnectDomains)) {
lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 85ae127f5f..91618a09fc 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
* @return bool
*/
public function browserSupportsCspV3() {
+ // YunoHost patch: disable CSPv3 nonces to:
+ // - avoid white page on first login from YunoHost portal
+ // - allow YunoHost tile display
+ return false;
$browserWhitelist = [
Request::USER_AGENT_CHROME,
// Firefox 45+
diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
index 64d4eb6e5d..59d5885620 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
if(!empty($this->allowedFontDomains)) {
$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
- $policy .= ';';
+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
+ $policy .= ' data:;';
}
if(!empty($this->allowedConnectDomains)) {
Write Preview
Loading…
Cancel
Save