upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-15 16:59:47 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
nextcloud/lib/private/Template
History
Ferdinand Thiessen 2916e5df7e
feat: Provide CSP nonce as <meta> element 
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-08-13 10:32:44 +02:00
..
Base.php feat: Provide CSP nonce as <meta> element 2024-08-13 10:32:44 +02:00
CSSResourceLocator.php chore: Add SPDX header 2024-05-24 13:11:22 +02:00
JSCombiner.php chore: Add SPDX header 2024-05-24 13:11:22 +02:00
JSConfigHelper.php feat: let users configure their first day of week 2024-07-22 22:35:46 +02:00
JSResourceLocator.php chore: Add SPDX header 2024-05-24 13:11:22 +02:00
ResourceLocator.php chore: Add SPDX header 2024-05-24 13:11:22 +02:00
ResourceNotFoundException.php chore: Add SPDX header 2024-05-24 13:11:22 +02:00
TemplateFileLocator.php chore: Add SPDX header 2024-05-24 13:11:22 +02:00