Nextcloud PHP API (stable19)

IContentSecurityPolicyManager

Used for Content Security Policy manipulations

Tags
since
9.0.0
deprecated
17.0.0

listen to the AddContentSecurityPolicyEvent to add a policy

Table of Contents

addDefaultPolicy()  : mixed
Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.

Methods

addDefaultPolicy()

Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.

public addDefaultPolicy(EmptyContentSecurityPolicy $policy) : mixed

Note that the adjustment is only applied to applications that use AppFramework controllers.

To use this from your app.php use \OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy), $policy has to be of type \OCP\AppFramework\Http\ContentSecurityPolicy.

WARNING: Using this API incorrectly may make the instance more insecure. Do think twice before adding whitelisting resources. Please do also note that it is not possible to use the disallowXYZ functions.

Parameters
$policy : EmptyContentSecurityPolicy
Tags
since
9.0.0
deprecated
17.0.0

listen to the AddContentSecurityPolicyEvent to add a policy

Return values
mixed

Search results