Skip to content

Commit 78cfe37

Browse files
nickvergessennickvergessen
authored
Merge pull request #58853 from nextcloud/bugfix/noid/remove-wildcard-csp
fix(videoverification): Remove CSP wildcard for video verification
2 parents f0f38fd + dc529fa commit 78cfe37

File tree

1 file changed

+3
-28
lines changed

1 file changed

+3
-28
lines changed

apps/files_sharing/lib/Controller/ShareController.php

Lines changed: 3 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,6 @@
77
*/
88
namespace OCA\Files_Sharing\Controller;
99

10-
use OC\Security\CSP\ContentSecurityPolicy;
1110
use OC\ServerNotAvailableException;
1211
use OCA\DAV\Connector\Sabre\PublicAuth;
1312
use OCA\FederatedFileSharing\FederatedShareProvider;
@@ -93,15 +92,7 @@ public function showAuthenticate(): TemplateResponse {
9392

9493
$this->eventDispatcher->dispatchTyped(new BeforeTemplateRenderedEvent($this->share, BeforeTemplateRenderedEvent::SCOPE_PUBLIC_SHARE_AUTH));
9594

96-
$response = new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
97-
if ($this->share->getSendPasswordByTalk()) {
98-
$csp = new ContentSecurityPolicy();
99-
$csp->addAllowedConnectDomain('*');
100-
$csp->addAllowedMediaDomain('blob:');
101-
$response->setContentSecurityPolicy($csp);
102-
}
103-
104-
return $response;
95+
return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
10596
}
10697

10798
/**
@@ -112,15 +103,7 @@ protected function showAuthFailed(): TemplateResponse {
112103

113104
$this->eventDispatcher->dispatchTyped(new BeforeTemplateRenderedEvent($this->share, BeforeTemplateRenderedEvent::SCOPE_PUBLIC_SHARE_AUTH));
114105

115-
$response = new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
116-
if ($this->share->getSendPasswordByTalk()) {
117-
$csp = new ContentSecurityPolicy();
118-
$csp->addAllowedConnectDomain('*');
119-
$csp->addAllowedMediaDomain('blob:');
120-
$response->setContentSecurityPolicy($csp);
121-
}
122-
123-
return $response;
106+
return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
124107
}
125108

126109
/**
@@ -131,15 +114,7 @@ protected function showIdentificationResult(bool $success = false): TemplateResp
131114

132115
$this->eventDispatcher->dispatchTyped(new BeforeTemplateRenderedEvent($this->share, BeforeTemplateRenderedEvent::SCOPE_PUBLIC_SHARE_AUTH));
133116

134-
$response = new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
135-
if ($this->share->getSendPasswordByTalk()) {
136-
$csp = new ContentSecurityPolicy();
137-
$csp->addAllowedConnectDomain('*');
138-
$csp->addAllowedMediaDomain('blob:');
139-
$response->setContentSecurityPolicy($csp);
140-
}
141-
142-
return $response;
117+
return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
143118
}
144119

145120
/**

0 commit comments

Comments
 (0)