@@ -34,58 +34,58 @@ |
||
34 | 34 | * @package OC\Security\CSP |
35 | 35 | */ |
36 | 36 | class ContentSecurityPolicyNonceManager { |
37 | - /** @var CsrfTokenManager */ |
|
38 | - private $csrfTokenManager; |
|
39 | - /** @var IRequest */ |
|
40 | - private $request; |
|
41 | - /** @var string */ |
|
42 | - private $nonce = ''; |
|
37 | + /** @var CsrfTokenManager */ |
|
38 | + private $csrfTokenManager; |
|
39 | + /** @var IRequest */ |
|
40 | + private $request; |
|
41 | + /** @var string */ |
|
42 | + private $nonce = ''; |
|
43 | 43 | |
44 | - /** |
|
45 | - * @param CsrfTokenManager $csrfTokenManager |
|
46 | - * @param IRequest $request |
|
47 | - */ |
|
48 | - public function __construct(CsrfTokenManager $csrfTokenManager, |
|
49 | - IRequest $request) { |
|
50 | - $this->csrfTokenManager = $csrfTokenManager; |
|
51 | - $this->request = $request; |
|
52 | - } |
|
44 | + /** |
|
45 | + * @param CsrfTokenManager $csrfTokenManager |
|
46 | + * @param IRequest $request |
|
47 | + */ |
|
48 | + public function __construct(CsrfTokenManager $csrfTokenManager, |
|
49 | + IRequest $request) { |
|
50 | + $this->csrfTokenManager = $csrfTokenManager; |
|
51 | + $this->request = $request; |
|
52 | + } |
|
53 | 53 | |
54 | - /** |
|
55 | - * Returns the current CSP nounce |
|
56 | - * |
|
57 | - * @return string |
|
58 | - */ |
|
59 | - public function getNonce(): string { |
|
60 | - if($this->nonce === '') { |
|
61 | - if (empty($this->request->server['CSP_NONCE'])) { |
|
62 | - $this->nonce = base64_encode($this->csrfTokenManager->getToken()->getEncryptedValue()); |
|
63 | - } else { |
|
64 | - $this->nonce = $this->request->server['CSP_NONCE']; |
|
65 | - } |
|
66 | - } |
|
54 | + /** |
|
55 | + * Returns the current CSP nounce |
|
56 | + * |
|
57 | + * @return string |
|
58 | + */ |
|
59 | + public function getNonce(): string { |
|
60 | + if($this->nonce === '') { |
|
61 | + if (empty($this->request->server['CSP_NONCE'])) { |
|
62 | + $this->nonce = base64_encode($this->csrfTokenManager->getToken()->getEncryptedValue()); |
|
63 | + } else { |
|
64 | + $this->nonce = $this->request->server['CSP_NONCE']; |
|
65 | + } |
|
66 | + } |
|
67 | 67 | |
68 | - return $this->nonce; |
|
69 | - } |
|
68 | + return $this->nonce; |
|
69 | + } |
|
70 | 70 | |
71 | - /** |
|
72 | - * Check if the browser supports CSP v3 |
|
73 | - * |
|
74 | - * @return bool |
|
75 | - */ |
|
76 | - public function browserSupportsCspV3(): bool { |
|
77 | - $browserWhitelist = [ |
|
78 | - Request::USER_AGENT_CHROME, |
|
79 | - // Firefox 45+ |
|
80 | - '/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/', |
|
81 | - // Safari 12+ |
|
82 | - '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/(1[2-9]|[2-9][0-9])\.[0-9]+ Safari\/[0-9.A-Z]+$/', |
|
83 | - ]; |
|
71 | + /** |
|
72 | + * Check if the browser supports CSP v3 |
|
73 | + * |
|
74 | + * @return bool |
|
75 | + */ |
|
76 | + public function browserSupportsCspV3(): bool { |
|
77 | + $browserWhitelist = [ |
|
78 | + Request::USER_AGENT_CHROME, |
|
79 | + // Firefox 45+ |
|
80 | + '/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/(4[5-9]|[5-9][0-9])\.[0-9.]+$/', |
|
81 | + // Safari 12+ |
|
82 | + '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/(1[2-9]|[2-9][0-9])\.[0-9]+ Safari\/[0-9.A-Z]+$/', |
|
83 | + ]; |
|
84 | 84 | |
85 | - if($this->request->isUserAgent($browserWhitelist)) { |
|
86 | - return true; |
|
87 | - } |
|
85 | + if($this->request->isUserAgent($browserWhitelist)) { |
|
86 | + return true; |
|
87 | + } |
|
88 | 88 | |
89 | - return false; |
|
90 | - } |
|
89 | + return false; |
|
90 | + } |
|
91 | 91 | } |
@@ -57,7 +57,7 @@ |
||
57 | 57 | * @return string |
58 | 58 | */ |
59 | 59 | public function getNonce(): string { |
60 | - if($this->nonce === '') { |
|
60 | + if ($this->nonce === '') { |
|
61 | 61 | if (empty($this->request->server['CSP_NONCE'])) { |
62 | 62 | $this->nonce = base64_encode($this->csrfTokenManager->getToken()->getEncryptedValue()); |
63 | 63 | } else { |
@@ -82,7 +82,7 @@ |
||
82 | 82 | '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/(1[2-9]|[2-9][0-9])\.[0-9]+ Safari\/[0-9.A-Z]+$/', |
83 | 83 | ]; |
84 | 84 | |
85 | - if($this->request->isUserAgent($browserWhitelist)) { |
|
85 | + if ($this->request->isUserAgent($browserWhitelist)) { |
|
86 | 86 | return true; |
87 | 87 | } |
88 | 88 |