DontSellMe
/
richdocuments
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Maybe fix things with .onion...

Browse Source
multihost
Skylar Ittner 7 years ago
parent 06aba96872
commit ecd02e13db
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File

7
appinfo/app.php
Unescape Escape View File

@ -49,7 +49,12 @@ if (class_exists('\OC\Files\Type\TemplateManager')) {
}
// Whitelist the wopi URL for iframes, required for Firefox
$wopiUrl = str_replace("hostname.host", $_SERVER["HTTP_HOST"], \OC::$server->getConfig()->getAppValue('richdocuments', 'wopi_url'));
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
// Use plain HTTP for .onion/TOR
if (strpos($replaceWith, ".onion") !== FALSE) {
$replaceWith = str_replace("https://", "http://", $replaceWith);
}
$wopiUrl = $replaceWith;
if ($wopiUrl !== '') {
$manager = \OC::$server->getContentSecurityPolicyManager();
$policy = new ContentSecurityPolicy();

14
lib/Controller/DocumentController.php
Unescape Escape View File

@ -129,7 +129,12 @@ class DocumentController extends Controller {
$response = new TemplateResponse('richdocuments', 'documents', $params, 'empty');
$policy = new ContentSecurityPolicy();
$policy->addAllowedFrameDomain(str_replace("hostname.host", $_SERVER["HTTP_HOST"], $this->appConfig->getAppValue('wopi_url')));
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
// Use plain HTTP for .onion/TOR
if (strpos($replaceWith, ".onion") !== FALSE) {
$replaceWith = str_replace("https://", "http://", $replaceWith);
}
$policy->addAllowedFrameDomain($replaceWith);
$policy->allowInlineScript(true);
$response->setContentSecurityPolicy($policy);
return $response;
@ -192,7 +197,12 @@ class DocumentController extends Controller {
$response = new TemplateResponse('richdocuments', 'documents', $params, 'empty');
$policy = new ContentSecurityPolicy();
$policy->addAllowedFrameDomain(str_replace("hostname.host", $_SERVER["HTTP_HOST"], $this->appConfig->getAppValue('wopi_url')));
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
// Use plain HTTP for .onion/TOR
if (strpos($replaceWith, ".onion") !== FALSE) {
$replaceWith = str_replace("https://", "http://", $replaceWith);
}
$policy->addAllowedFrameDomain($replaceWith);
$policy->allowInlineScript(true);
$response->setContentSecurityPolicy($policy);
return $response;

Write Preview
Loading…
Cancel
Save