IContentSecurityPolicyManager
Used for Content Security Policy manipulations
Tags
Table of Contents
- addDefaultPolicy() : mixed
- Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.
Methods
addDefaultPolicy()
Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself.
public
addDefaultPolicy(EmptyContentSecurityPolicy $policy) : mixed
Note that the adjustment is only applied to applications that use AppFramework controllers.
To use this from your app.php use \OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy),
$policy has to be of type \OCP\AppFramework\Http\ContentSecurityPolicy.
WARNING: Using this API incorrectly may make the instance more insecure.
Do think twice before adding whitelisting resources. Please do also note
that it is not possible to use the disallowXYZ functions.
Parameters
- $policy : EmptyContentSecurityPolicy