0
0
mirror of https://github.com/nextcloud/server.git synced 2024-12-29 16:38:28 +00:00
nextcloud_server/lib/public/AppFramework/Http/StrictInlineContentSecurityPolicy.php
Andy Scherzinger dae7c159f7
chore: Add SPDX header
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-24 13:11:22 +02:00

34 lines
1.0 KiB
PHP

<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCP\AppFramework\Http;
/**
* Class StrictInlineContentSecurityPolicy is a simple helper which allows applications to
* modify the Content-Security-Policy sent by Nextcloud. Per default only JavaScript,
* stylesheets, images, fonts, media and connections from the same domain
* ('self') are allowed.
*
* Even if a value gets modified above defaults will still get appended. Please
* note that Nextcloud ships already with sensible defaults and those policies
* should require no modification at all for most use-cases.
*
* This is a temp helper class from the default ContentSecurityPolicy to allow slow
* migration to a stricter CSP. This does not allow inline styles.
*
* @since 14.0.0
* @deprecated 17.0.0
*/
class StrictInlineContentSecurityPolicy extends ContentSecurityPolicy {
/**
* @since 14.0.0
*/
public function __construct() {
$this->inlineStyleAllowed = false;
}
}