Nextcloud PHP API (master)

IContentSecurityPolicyManager
in

Used for Content Security Policy manipulations

listen to the AddContentSecurityPolicyEvent to add a policy

Tags
since
9.0.0

Table of Contents

Methods

addDefaultPolicy()  : mixed
Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.

Methods

addDefaultPolicy()

Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.

public addDefaultPolicy(EmptyContentSecurityPolicy $policy) : mixed

listen to the AddContentSecurityPolicyEvent to add a policy

Note that the adjustment is only applied to applications that use AppFramework controllers.

To use this from your app.php use \OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy), $policy has to be of type \OCP\AppFramework\Http\ContentSecurityPolicy.

WARNING: Using this API incorrectly may make the instance more insecure. Do think twice before adding whitelisting resources. Please do also note that it is not possible to use the disallowXYZ functions.

Parameters
$policy : EmptyContentSecurityPolicy
Tags
since
9.0.0 

        

        
    




    

    

                                

                

                            
    

        On this page

        
    


                

                            

            

    

        

            
Search results