Skip to content
Snippets Groups Projects
Commit 293e7bdc authored by Lukas Reschke's avatar Lukas Reschke
Browse files

Notice about changing the standard policy

parent 0517465f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 0 deletions
lib/template.php
+ 1
0
View file @ 293e7bdc
...@@ -191,6 +191,7 @@ class OC_Template{ ...@@ -191,6 +191,7 @@ class OC_Template{
header('X-Content-Type-Options: nosniff'); // Disable sniffing the content type for IE header('X-Content-Type-Options: nosniff'); // Disable sniffing the content type for IE
// Content Security Policy // Content Security Policy
// If you change the standard policy, please also change it in config.sample.php
$policy = OC_Config::getValue('custom_csp_policy', 'default-src \'self\'; script-src \'self\' \'unsafe-eval\'; style-src \'self\' \'unsafe-inline\'; frame-src *'); $policy = OC_Config::getValue('custom_csp_policy', 'default-src \'self\'; script-src \'self\' \'unsafe-eval\'; style-src \'self\' \'unsafe-inline\'; frame-src *');
header('Content-Security-Policy:'.$policy); // Standard header('Content-Security-Policy:'.$policy); // Standard
header('X-WebKit-CSP:'.$policy); // Older webkit browsers header('X-WebKit-CSP:'.$policy); // Older webkit browsers
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment