diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2015-03-22 13:41:05 +0100 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2015-03-22 13:41:05 +0100 |
commit | 900260f5687e1b6f8b2890f67f259b1264ebce87 (patch) | |
tree | ef736fc2c5725eea594b221c47a5cfcf57145e05 /controller | |
parent | 4ee93da76cc40c39ebbd494b979d4217857b32dc (diff) |
remove optional check for csp class
Diffstat (limited to 'controller')
-rw-r--r-- | controller/pagecontroller.php | 24 |
1 files changed, 11 insertions, 13 deletions
diff --git a/controller/pagecontroller.php b/controller/pagecontroller.php index 88e3c9016..3b3220598 100644 --- a/controller/pagecontroller.php +++ b/controller/pagecontroller.php @@ -13,13 +13,14 @@ namespace OCA\News\Controller; -use OCP\AppFramework\Http\TemplateResponse; -use OCP\AppFramework\Http\JSONResponse; use OCP\IRequest; use OCP\IConfig; use OCP\IL10N; use OCP\IURLGenerator; use OCP\AppFramework\Controller; +use OCP\AppFramework\Http\TemplateResponse; +use OCP\AppFramework\Http\JSONResponse; +use OCP\AppFramework\Http\ContentSecurityPolicy; use OCA\News\Service\StatusService; use OCA\News\Config\AppConfig; @@ -70,17 +71,14 @@ class PageController extends Controller { 'cronWarning' => $status['warnings']['improperlyConfiguredCron'] ]); - // set csp rules for ownCloud 8.1 - if (class_exists('OCP\AppFramework\Http\ContentSecurityPolicy')) { - $csp = new \OCP\AppFramework\Http\ContentSecurityPolicy(); - $csp->addAllowedImageDomain('*'); - $csp->addAllowedMediaDomain('*'); - $csp->addAllowedFrameDomain('https://youtube.com'); - $csp->addAllowedFrameDomain('https://www.youtube.com'); - $csp->addAllowedFrameDomain('https://player.vimeo.com'); - $csp->addAllowedFrameDomain('https://www.player.vimeo.com'); - $response->setContentSecurityPolicy($csp); - } + $csp = new ContentSecurityPolicy(); + $csp->addAllowedImageDomain('*'); + $csp->addAllowedMediaDomain('*'); + $csp->addAllowedFrameDomain('https://youtube.com'); + $csp->addAllowedFrameDomain('https://www.youtube.com'); + $csp->addAllowedFrameDomain('https://player.vimeo.com'); + $csp->addAllowedFrameDomain('https://www.player.vimeo.com'); + $response->setContentSecurityPolicy($csp); return $response; } |