sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nextcloud-server/lib/private/Security
History
Ferdinand Thiessen 2916e5df7e
feat: Provide CSP nonce as `<meta>` element 
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 		2024-08-13 10:32:44 +07:00
..
Bruteforce chore: Add SPDX header 2024-05-24 13:11:22 +07:00
CSP feat: Provide CSP nonce as `<meta>` element 2024-08-13 10:32:44 +07:00
CSRF chore: Add SPDX header 2024-05-24 13:11:22 +07:00
FeaturePolicy chore: Add SPDX header 2024-05-24 13:11:22 +07:00
IdentityProof chore: Add SPDX header 2024-05-24 13:11:22 +07:00
Ip feat(Security): add Factory for IP addresses and ranges 2024-07-19 16:28:03 +07:00
Normalizer chore: Add SPDX header 2024-05-24 13:11:22 +07:00
RateLimiting chore: Add SPDX header 2024-05-24 13:11:22 +07:00
VerificationToken chore: Add SPDX header 2024-05-24 13:11:22 +07:00
Certificate.php chore: Add SPDX header 2024-05-24 13:11:22 +07:00
CertificateManager.php refactor: Migrate some legacy and core functions to `IFilenameValidator` 2024-07-19 19:41:46 +07:00
CredentialsManager.php chore: Add SPDX header 2024-05-24 13:11:22 +07:00
Crypto.php chore: Add SPDX header 2024-05-24 13:11:22 +07:00
Hasher.php chore: More explicit splitHash typing 2024-07-04 17:05:45 +07:00
RemoteHostValidator.php chore: Add SPDX header 2024-05-24 13:11:22 +07:00
SecureRandom.php Merge branch 'master' into refactor/OC-Server-getSecureRandom 2024-05-30 14:24:22 +07:00
TrustedDomainHelper.php chore: Add SPDX header 2024-05-24 13:11:22 +07:00