sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
76,178 Commits
596 Branches
1167 Tags
8.8 GiB
Commit Graph

7 Commits (2916e5df7e08fc588e752beaf486d907112a34ee)

Author SHA1 Message Date
Ferdinand Thiessen 2916e5df7e
feat: Provide CSP nonce as `<meta>` element 
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-13 10:32:44 +07:00
Ferdinand Thiessen 009761be58
test: Adjust tests for CSP nonce 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-13 10:06:32 +07:00
Andy Scherzinger 1f7e2ba599
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-13 17:41:36 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
Christoph Wurst 2a529e453a
Use a blank line after the opening tag 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:50:14 +07:00
Roeland Jago Douma c007ca624f
Make phpunit8 compatible 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:41 +07:00
Roeland Jago Douma 37a4282c7a
Split up security middleware 
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.

I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-07-27 16:11:45 +07:00