Merge pull request #84 from YunoHost-Apps/fix_logout

Fix logout (#83)

sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch

@@ -1,33 +1,33 @@
- lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
+ lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
- lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php    | 3 ++-
+ lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php    | 3 ++-
- 2 files changed, 6 insertions(+), 1 deletion(-)
+ 2 files changed, 6 insertions(+), 1 deletion(-)
-
+
-diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-index 85ae127f5f..91618a09fc 100644
+index 85ae127f5f..91618a09fc 100644
---- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
++++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
+@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
- 	 * @return bool
+ 	 * @return bool
- 	 */
+ 	 */
- 	public function browserSupportsCspV3() {
+ 	public function browserSupportsCspV3() {
-+		// YunoHost patch: disable CSPv3 nonces to:
++		// YunoHost patch: disable CSPv3 nonces to:
-+		// - avoid white page on first login from YunoHost portal
++		// - avoid white page on first login from YunoHost portal
-+		// - allow YunoHost tile display
++		// - allow YunoHost tile display
-+		return false;
++		return false;
- 		$browserWhitelist = [
+ 		$browserWhitelist = [
- 			Request::USER_AGENT_CHROME,
+ 			Request::USER_AGENT_CHROME,
- 			// Firefox 45+
+ 			// Firefox 45+
-diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-index 64d4eb6e5d..59d5885620 100644
+index 64d4eb6e5d..59d5885620 100644
---- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
++++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
+@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
- 
+ 
- 		if(!empty($this->allowedFontDomains)) {
+ 		if(!empty($this->allowedFontDomains)) {
- 			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
+ 			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
--			$policy .= ';';
+-			$policy .= ';';
-+			// YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
++			// YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
-+			$policy .= ' data:;';
++			$policy .= ' data:;';
- 		}
+ 		}
- 
+ 
- 		if(!empty($this->allowedConnectDomains)) {
+ 		if(!empty($this->allowedConnectDomains)) {