Adapt CSPv3 disabling patch and add a patch to allow eval in JS scripts for YunoHost tile

2024-09-03 19:55:57 +02:00 · 2018-12-21 00:09:01 +01:00 · 2018-12-21 00:09:01 +01:00 · 33c3ecb3dc
commit 33c3ecb3dc
parent ac68f6a57e
2 changed files with 24 additions and 7 deletions
--- a/sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
+++ b/sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
@ -1,9 +1,9 @@
- lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
+ .../Security/CSP/ContentSecurityPolicyNonceManager.php        | 4 ++++
 lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php   | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

 diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-index 088fb2d859..15b05b75d1 100644
+index 795d8cc864..5f3c961445 100644
 --- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
 +++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -70,6 +70,10 @@ class ContentSecurityPolicyNonceManager {
@ -18,10 +18,10 @@ index 088fb2d859..15b05b75d1 100644
 			Request::USER_AGENT_CHROME,
 			// Firefox 45+
 diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-index 6397d32cb9..32281a1734 100644
+index 3fcef1d0ef..7ce01a68fc 100644
 --- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
 +++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-@@ -406,7 +406,8 @@ class EmptyContentSecurityPolicy {
+@@ -449,7 +449,8 @@ class EmptyContentSecurityPolicy {

 		if(!empty($this->allowedFontDomains)) {
 			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
--- a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch
+++ b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch
@ -0,0 +1,17 @@
+ lib/public/AppFramework/Http/ContentSecurityPolicy.php | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
+index e9ecf00036..8e69c8d2dc 100644
+--- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
+@@ -44,7 +44,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
+ 	/** @var bool Whether inline JS snippets are allowed */
+ 	protected $inlineScriptAllowed = false;
+ 	/** @var bool Whether eval in JS scripts is allowed */
+-	protected $evalScriptAllowed = false;
+	// YunoHost patch: allow for eval in JS scripts for YunoHost tile
+	protected $evalScriptAllowed = true;
+ 	/** @var array Domains from which scripts can get loaded */
+ 	protected $allowedScriptDomains = [
+ 		'\'self\'',