nextcloud / server

lib/public/AppFramework/Http/ContentSecurityPolicy.php

Indentation +46 added lines, -46 removed lines

@@ -42,52 +42,52 @@
  * @deprecated 14.0.0 Use one of our stricter CSP policies
  */
 class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
-	/** @var bool Whether inline JS snippets are allowed */
-	protected $inlineScriptAllowed = false;
-	/** @var bool Whether eval in JS scripts is allowed */
-	protected $evalScriptAllowed = false;
-	/** @var array Domains from which scripts can get loaded */
-	protected $allowedScriptDomains = [
-		'\'self\'',
-	];
-	/**
-	 * @var bool Whether inline CSS is allowed
-	 * TODO: Disallow per default
-	 * @link https://github.com/owncloud/core/issues/13458
-	 */
-	protected $inlineStyleAllowed = true;
-	/** @var array Domains from which CSS can get loaded */
-	protected $allowedStyleDomains = [
-		'\'self\'',
-	];
-	/** @var array Domains from which images can get loaded */
-	protected $allowedImageDomains = [
-		'\'self\'',
-		'data:',
-		'blob:',
-	];
-	/** @var array Domains to which connections can be done */
-	protected $allowedConnectDomains = [
-		'\'self\'',
-	];
-	/** @var array Domains from which media elements can be loaded */
-	protected $allowedMediaDomains = [
-		'\'self\'',
-	];
-	/** @var array Domains from which object elements can be loaded */
-	protected $allowedObjectDomains = [];
-	/** @var array Domains from which iframes can be loaded */
-	protected $allowedFrameDomains = [];
-	/** @var array Domains from which fonts can be loaded */
-	protected $allowedFontDomains = [
-		'\'self\'',
-	];
-	/** @var array Domains from which web-workers and nested browsing content can load elements */
-	protected $allowedChildSrcDomains = [];
+    /** @var bool Whether inline JS snippets are allowed */
+    protected $inlineScriptAllowed = false;
+    /** @var bool Whether eval in JS scripts is allowed */
+    protected $evalScriptAllowed = false;
+    /** @var array Domains from which scripts can get loaded */
+    protected $allowedScriptDomains = [
+        '\'self\'',
+    ];
+    /**
+     * @var bool Whether inline CSS is allowed
+     * TODO: Disallow per default
+     * @link https://github.com/owncloud/core/issues/13458
+     */
+    protected $inlineStyleAllowed = true;
+    /** @var array Domains from which CSS can get loaded */
+    protected $allowedStyleDomains = [
+        '\'self\'',
+    ];
+    /** @var array Domains from which images can get loaded */
+    protected $allowedImageDomains = [
+        '\'self\'',
+        'data:',
+        'blob:',
+    ];
+    /** @var array Domains to which connections can be done */
+    protected $allowedConnectDomains = [
+        '\'self\'',
+    ];
+    /** @var array Domains from which media elements can be loaded */
+    protected $allowedMediaDomains = [
+        '\'self\'',
+    ];
+    /** @var array Domains from which object elements can be loaded */
+    protected $allowedObjectDomains = [];
+    /** @var array Domains from which iframes can be loaded */
+    protected $allowedFrameDomains = [];
+    /** @var array Domains from which fonts can be loaded */
+    protected $allowedFontDomains = [
+        '\'self\'',
+    ];
+    /** @var array Domains from which web-workers and nested browsing content can load elements */
+    protected $allowedChildSrcDomains = [];
 
-	/** @var array Domains which can embed this Nextcloud instance */
-	protected $allowedFrameAncestors = [];
+    /** @var array Domains which can embed this Nextcloud instance */
+    protected $allowedFrameAncestors = [];
 
-	/** @var array Domains from which web-workers can be loaded */
-	protected $allowedWorkerSrcDomains = [];
+    /** @var array Domains from which web-workers can be loaded */
+    protected $allowedWorkerSrcDomains = [];
 }