flywithu/ocsms
1
0
Fork 0
mirror of https://github.com/nerzhul/ocsms.git synced 2025-06-07 07:56:23 +00:00
Code Issues Releases Wiki Activity

Fix CSP issue with vue.js

Browse Source
This commit is contained in:
Loïc Blot 2018-12-10 16:14:53 +01:00
parent c9d929e0a7
commit e6a2214bc9
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
controller/smscontroller.php
View File

@ -80,7 +80,21 @@ class SmsController extends Controller {
$params = array('user' => $this->userId, $params = array('user' => $this->userId,
'mailboxes' => $mboxes 'mailboxes' => $mboxes
); );
return new TemplateResponse($this->appName, 'main', $params); $response = new TemplateResponse($this->appName, 'main', $params);
$this->addContentSecurityToResponse($response);
return $response;
}
/**
* Adds the domain "data:" to the allowed image domains
* this function is called by reference
*
* @param TemplateResponse $response
*/
private function addContentSecurityToResponse($response) {
$csp = new Http\ContentSecurityPolicy();
$csp->allowEvalScript(true);
$response->setContentSecurityPolicy($csp);
} }
/** /**