@@ 135-143 (lines=9) @@ | ||
132 | $expectedResponse = new \OCA\Mail\Http\HtmlResponse(null); |
|
133 | $expectedResponse->cacheFor(3600); |
|
134 | $expectedResponse->addHeader('Pragma', 'cache'); |
|
135 | if(class_exists('\OCP\AppFramework\Http\ContentSecurityPolicy')) { |
|
136 | $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(); |
|
137 | $policy->allowEvalScript(false); |
|
138 | $policy->disallowScriptDomain('\'self\''); |
|
139 | $policy->disallowConnectDomain('\'self\''); |
|
140 | $policy->disallowFontDomain('\'self\''); |
|
141 | $policy->disallowMediaDomain('\'self\''); |
|
142 | $expectedResponse->setContentSecurityPolicy($policy); |
|
143 | } |
|
144 | ||
145 | $actualResponse = $this->controller->getHtmlBody($accountId, base64_encode($folderId), $messageId); |
|
146 |
@@ 208-216 (lines=9) @@ | ||
205 | ||
206 | // Harden the default security policy |
|
207 | // FIXME: Remove once ownCloud 8.1 is a requirement for the mail app |
|
208 | if(class_exists('\OCP\AppFramework\Http\ContentSecurityPolicy')) { |
|
209 | $policy = new ContentSecurityPolicy(); |
|
210 | $policy->allowEvalScript(false); |
|
211 | $policy->disallowScriptDomain('\'self\''); |
|
212 | $policy->disallowConnectDomain('\'self\''); |
|
213 | $policy->disallowFontDomain('\'self\''); |
|
214 | $policy->disallowMediaDomain('\'self\''); |
|
215 | $htmlResponse->setContentSecurityPolicy($policy); |
|
216 | } |
|
217 | ||
218 | // Enable caching |
|
219 | $htmlResponse->cacheFor(60 * 60); |