Nextcloud PHP API (master)

IContentSecurityPolicyManager
in

Used for Content Security Policy manipulations

Tags
since
9.0.0
deprecated
17.0.0

listen to the AddContentSecurityPolicyEvent to add a policy

Table of Contents

Methods

addDefaultPolicy()  : mixed
Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.

Methods

addDefaultPolicy()

Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.

public addDefaultPolicy(EmptyContentSecurityPolicy $policy) : mixed

Note that the adjustment is only applied to applications that use AppFramework controllers.

To use this from your app.php use \OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy), $policy has to be of type \OCP\AppFramework\Http\ContentSecurityPolicy.

WARNING: Using this API incorrectly may make the instance more insecure. Do think twice before adding whitelisting resources. Please do also note that it is not possible to use the disallowXYZ functions.

Parameters
$policy : EmptyContentSecurityPolicy
Tags
since
9.0.0
deprecated
17.0.0

listen to the AddContentSecurityPolicyEvent to add a policy


        

        
    




    

    

                                

                

                            
    

        On this page

        
    


                

                            

            

    

        

            
Search results