nextcloud-server

History

Ferdinand Thiessen 2916e5df7e feat: Provide CSP nonce as `<meta>` element This way we use the CSP nonce for dynamically loaded scripts. Important to notice: The CSP nonce must NOT be injected in `content` as this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors). Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>		2024-08-13 10:32:44 +07:00
..
PublicShare	fix(files_sharing): show proper share not found error message	2024-08-06 16:25:10 +07:00
Security	feat: Provide CSP nonce as `<meta>` element	2024-08-13 10:32:44 +07:00
AdditionalScriptsMiddlewareTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00
CompressionMiddlewareTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00
MiddlewareDispatcherTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00
MiddlewareTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00
NotModifiedMiddlewareTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00
OCSMiddlewareTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00
SessionMiddlewareTest.php	chore: Add SPDX header	2024-05-13 17:41:36 +07:00