nextcloud /
server
@@ -362,77 +362,77 @@ |
||
| 362 | 362 | $policy .= "base-uri 'none';"; |
| 363 | 363 | $policy .= "manifest-src 'self';"; |
| 364 | 364 | |
| 365 | - if(!empty($this->allowedScriptDomains) || $this->inlineScriptAllowed || $this->evalScriptAllowed) { |
|
| 365 | + if (!empty($this->allowedScriptDomains) || $this->inlineScriptAllowed || $this->evalScriptAllowed) { |
|
| 366 | 366 | $policy .= 'script-src '; |
| 367 | - if(is_string($this->useJsNonce)) { |
|
| 367 | + if (is_string($this->useJsNonce)) { |
|
| 368 | 368 | $policy .= '\'nonce-'.base64_encode($this->useJsNonce).'\''; |
| 369 | 369 | $allowedScriptDomains = array_flip($this->allowedScriptDomains); |
| 370 | 370 | unset($allowedScriptDomains['\'self\'']); |
| 371 | 371 | $this->allowedScriptDomains = array_flip($allowedScriptDomains); |
| 372 | - if(count($allowedScriptDomains) !== 0) { |
|
| 372 | + if (count($allowedScriptDomains) !== 0) { |
|
| 373 | 373 | $policy .= ' '; |
| 374 | 374 | } |
| 375 | 375 | } |
| 376 | - if(is_array($this->allowedScriptDomains)) { |
|
| 376 | + if (is_array($this->allowedScriptDomains)) { |
|
| 377 | 377 | $policy .= implode(' ', $this->allowedScriptDomains); |
| 378 | 378 | } |
| 379 | - if($this->inlineScriptAllowed) { |
|
| 379 | + if ($this->inlineScriptAllowed) { |
|
| 380 | 380 | $policy .= ' \'unsafe-inline\''; |
| 381 | 381 | } |
| 382 | - if($this->evalScriptAllowed) { |
|
| 382 | + if ($this->evalScriptAllowed) { |
|
| 383 | 383 | $policy .= ' \'unsafe-eval\''; |
| 384 | 384 | } |
| 385 | 385 | $policy .= ';'; |
| 386 | 386 | } |
| 387 | 387 | |
| 388 | - if(!empty($this->allowedStyleDomains) || $this->inlineStyleAllowed) { |
|
| 388 | + if (!empty($this->allowedStyleDomains) || $this->inlineStyleAllowed) { |
|
| 389 | 389 | $policy .= 'style-src '; |
| 390 | - if(is_array($this->allowedStyleDomains)) { |
|
| 390 | + if (is_array($this->allowedStyleDomains)) { |
|
| 391 | 391 | $policy .= implode(' ', $this->allowedStyleDomains); |
| 392 | 392 | } |
| 393 | - if($this->inlineStyleAllowed) { |
|
| 393 | + if ($this->inlineStyleAllowed) { |
|
| 394 | 394 | $policy .= ' \'unsafe-inline\''; |
| 395 | 395 | } |
| 396 | 396 | $policy .= ';'; |
| 397 | 397 | } |
| 398 | 398 | |
| 399 | - if(!empty($this->allowedImageDomains)) { |
|
| 400 | - $policy .= 'img-src ' . implode(' ', $this->allowedImageDomains); |
|
| 399 | + if (!empty($this->allowedImageDomains)) { |
|
| 400 | + $policy .= 'img-src '.implode(' ', $this->allowedImageDomains); |
|
| 401 | 401 | $policy .= ';'; |
| 402 | 402 | } |
| 403 | 403 | |
| 404 | - if(!empty($this->allowedFontDomains)) { |
|
| 405 | - $policy .= 'font-src ' . implode(' ', $this->allowedFontDomains); |
|
| 404 | + if (!empty($this->allowedFontDomains)) { |
|
| 405 | + $policy .= 'font-src '.implode(' ', $this->allowedFontDomains); |
|
| 406 | 406 | $policy .= ';'; |
| 407 | 407 | } |
| 408 | 408 | |
| 409 | - if(!empty($this->allowedConnectDomains)) { |
|
| 410 | - $policy .= 'connect-src ' . implode(' ', $this->allowedConnectDomains); |
|
| 409 | + if (!empty($this->allowedConnectDomains)) { |
|
| 410 | + $policy .= 'connect-src '.implode(' ', $this->allowedConnectDomains); |
|
| 411 | 411 | $policy .= ';'; |
| 412 | 412 | } |
| 413 | 413 | |
| 414 | - if(!empty($this->allowedMediaDomains)) { |
|
| 415 | - $policy .= 'media-src ' . implode(' ', $this->allowedMediaDomains); |
|
| 414 | + if (!empty($this->allowedMediaDomains)) { |
|
| 415 | + $policy .= 'media-src '.implode(' ', $this->allowedMediaDomains); |
|
| 416 | 416 | $policy .= ';'; |
| 417 | 417 | } |
| 418 | 418 | |
| 419 | - if(!empty($this->allowedObjectDomains)) { |
|
| 420 | - $policy .= 'object-src ' . implode(' ', $this->allowedObjectDomains); |
|
| 419 | + if (!empty($this->allowedObjectDomains)) { |
|
| 420 | + $policy .= 'object-src '.implode(' ', $this->allowedObjectDomains); |
|
| 421 | 421 | $policy .= ';'; |
| 422 | 422 | } |
| 423 | 423 | |
| 424 | - if(!empty($this->allowedFrameDomains)) { |
|
| 425 | - $policy .= 'frame-src ' . implode(' ', $this->allowedFrameDomains); |
|
| 424 | + if (!empty($this->allowedFrameDomains)) { |
|
| 425 | + $policy .= 'frame-src '.implode(' ', $this->allowedFrameDomains); |
|
| 426 | 426 | $policy .= ';'; |
| 427 | 427 | } |
| 428 | 428 | |
| 429 | - if(!empty($this->allowedChildSrcDomains)) { |
|
| 430 | - $policy .= 'child-src ' . implode(' ', $this->allowedChildSrcDomains); |
|
| 429 | + if (!empty($this->allowedChildSrcDomains)) { |
|
| 430 | + $policy .= 'child-src '.implode(' ', $this->allowedChildSrcDomains); |
|
| 431 | 431 | $policy .= ';'; |
| 432 | 432 | } |
| 433 | 433 | |
| 434 | - if(!empty($this->allowedFrameAncestors)) { |
|
| 435 | - $policy .= 'frame-ancestors ' . implode(' ', $this->allowedFrameAncestors); |
|
| 434 | + if (!empty($this->allowedFrameAncestors)) { |
|
| 435 | + $policy .= 'frame-ancestors '.implode(' ', $this->allowedFrameAncestors); |
|
| 436 | 436 | $policy .= ';'; |
| 437 | 437 | } |
| 438 | 438 | |
