diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 3659fb1..2e70ba7 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -1,14 +1,62 @@ + core/Controller/LoginController.php | 25 ++++++++++++++----------- + 1 file changed, 14 insertions(+), 11 deletions(-) + +diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php +index 182d2bc106..82523e306e 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -119,7 +119,10 @@ +@@ -95,13 +95,13 @@ class LoginController extends Controller { + * @param Throttler $throttler + */ + public function __construct($appName, +- IRequest $request, +- IUserManager $userManager, +- IConfig $config, +- ISession $session, +- IUserSession $userSession, +- IURLGenerator $urlGenerator, +- ILogger $logger, ++ IRequest $request, ++ IUserManager $userManager, ++ IConfig $config, ++ ISession $session, ++ IUserSession $userSession, ++ IURLGenerator $urlGenerator, ++ ILogger $logger, + Manager $twoFactorManager, + Defaults $defaults, + Throttler $throttler) { +@@ -130,7 +130,10 @@ class LoginController extends Controller { } $this->userSession->logout(); - + - $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); + $redirectUrl = $this->config->getSystemValue('logout_url', -+ $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm') ++ $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm') + ); + $response = new RedirectResponse($redirectUrl); - $response->addHeader('Clear-Site-Data', '"cache", "cookies", "storage", "executionContexts"'); + $response->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"'); return $response; } +@@ -303,10 +306,10 @@ class LoginController extends Controller { + $previousUser = $user; + $user = $users[0]->getUID(); + if($user !== $previousUser) { +- $loginResult = $this->userManager->checkPassword($user, $password); +- } ++ $loginResult = $this->userManager->checkPassword($user, $password); + } + } ++ } + + if ($loginResult === false) { + $this->logger->warning('Login failed: \''. $user . +@@ -314,7 +317,7 @@ class LoginController extends Controller { + ['app' => 'core']); + return $this->createLoginFailedResponse($user, $originalUser, + $redirect_url, self::LOGIN_MSG_INVALIDPASSWORD); +- } ++ } + + // TODO: remove password checks from above and let the user session handle failures + // requires https://github.com/owncloud/core/pull/24616 diff --git a/sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch b/sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch index f5ced3a..42d6d99 100644 --- a/sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch +++ b/sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch @@ -1,33 +1,33 @@ - lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++ - lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++- - 2 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php -index 85ae127f5f..91618a09fc 100644 ---- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php -+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php -@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager { - * @return bool - */ - public function browserSupportsCspV3() { -+ // YunoHost patch: disable CSPv3 nonces to: -+ // - avoid white page on first login from YunoHost portal -+ // - allow YunoHost tile display -+ return false; - $browserWhitelist = [ - Request::USER_AGENT_CHROME, - // Firefox 45+ -diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php -index 64d4eb6e5d..59d5885620 100644 ---- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php -+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php -@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy { - - if(!empty($this->allowedFontDomains)) { - $policy .= 'font-src ' . implode(' ', $this->allowedFontDomains); -- $policy .= ';'; -+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script -+ $policy .= ' data:;'; - } - - if(!empty($this->allowedConnectDomains)) { + lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++ + lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++- + 2 files changed, 6 insertions(+), 1 deletion(-) + +diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php +index 088fb2d859..15b05b75d1 100644 +--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php ++++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php +@@ -70,6 +70,10 @@ class ContentSecurityPolicyNonceManager { + * @return bool + */ + public function browserSupportsCspV3(): bool { ++ // YunoHost patch: disable CSPv3 nonces to: ++ // - avoid white page on first login from YunoHost portal ++ // - allow YunoHost tile display ++ return false; + $browserWhitelist = [ + Request::USER_AGENT_CHROME, + // Firefox 45+ +diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php +index 6397d32cb9..32281a1734 100644 +--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php ++++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php +@@ -406,7 +406,8 @@ class EmptyContentSecurityPolicy { + + if(!empty($this->allowedFontDomains)) { + $policy .= 'font-src ' . implode(' ', $this->allowedFontDomains); +- $policy .= ';'; ++ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script ++ $policy .= ' data:;'; + } + + if(!empty($this->allowedConnectDomains)) {