Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9ad51dc6cc | |||
| ecd02e13db | |||
| 06aba96872 | |||
| 189ed76a62 |
@ -49,7 +49,12 @@ if (class_exists('\OC\Files\Type\TemplateManager')) {
|
||||
}
|
||||
|
||||
// Whitelist the wopi URL for iframes, required for Firefox
|
||||
$wopiUrl = str_replace("hostname.host", $_SERVER["HTTP_HOST"], \OC::$server->getConfig()->getAppValue('richdocuments', 'wopi_url'));
|
||||
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
|
||||
// Use plain HTTP for .onion/TOR
|
||||
if (strpos($replaceWith, ".onion") !== FALSE) {
|
||||
$replaceWith = str_replace("https://", "http://", $replaceWith);
|
||||
}
|
||||
$wopiUrl = $replaceWith;
|
||||
if ($wopiUrl !== '') {
|
||||
$manager = \OC::$server->getContentSecurityPolicyManager();
|
||||
$policy = new ContentSecurityPolicy();
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
<description>Collabora Online allows you to to work with all kinds of office documents directly in your browser. This application requires Collabora Cloudsuite to be installed on one of your servers, please read the documentation to learn more about that.</description>
|
||||
<summary>Edit office documents directly in your browser.</summary>
|
||||
<licence>AGPL</licence>
|
||||
<version>9999_1.12.34_dontsellme</version>
|
||||
<version>1.12.34_dontsellme</version>
|
||||
<author>Collabora Productivity based on work of Frank Karlitschek, Victor Dubiniuk</author>
|
||||
<bugs>https://github.com/nextcloud/richdocuments/issues</bugs>
|
||||
<repository type="git">https://github.com/nextcloud/richdocuments.git</repository>
|
||||
|
||||
@ -129,7 +129,12 @@ class DocumentController extends Controller {
|
||||
|
||||
$response = new TemplateResponse('richdocuments', 'documents', $params, 'empty');
|
||||
$policy = new ContentSecurityPolicy();
|
||||
$policy->addAllowedFrameDomain(str_replace("hostname.host", $_SERVER["HTTP_HOST"], $this->appConfig->getAppValue('wopi_url')));
|
||||
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
|
||||
// Use plain HTTP for .onion/TOR
|
||||
if (strpos($replaceWith, ".onion") !== FALSE) {
|
||||
$replaceWith = str_replace("https://", "http://", $replaceWith);
|
||||
}
|
||||
$policy->addAllowedFrameDomain($replaceWith);
|
||||
$policy->allowInlineScript(true);
|
||||
$response->setContentSecurityPolicy($policy);
|
||||
return $response;
|
||||
@ -192,7 +197,12 @@ class DocumentController extends Controller {
|
||||
|
||||
$response = new TemplateResponse('richdocuments', 'documents', $params, 'empty');
|
||||
$policy = new ContentSecurityPolicy();
|
||||
$policy->addAllowedFrameDomain(str_replace("hostname.host", $_SERVER["HTTP_HOST"], $this->appConfig->getAppValue('wopi_url')));
|
||||
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
|
||||
// Use plain HTTP for .onion/TOR
|
||||
if (strpos($replaceWith, ".onion") !== FALSE) {
|
||||
$replaceWith = str_replace("https://", "http://", $replaceWith);
|
||||
}
|
||||
$policy->addAllowedFrameDomain($replaceWith);
|
||||
$policy->allowInlineScript(true);
|
||||
$response->setContentSecurityPolicy($policy);
|
||||
return $response;
|
||||
|
||||
@ -89,6 +89,12 @@ class DiscoveryManager {
|
||||
|
||||
$responseBody = $response->getBody();
|
||||
$replaceWith = str_replace("hostname.host", $_SERVER['HTTP_HOST'], $this->config->getAppValue('richdocuments', 'wopi_url'));
|
||||
|
||||
// Use plain HTTP for .onion/TOR
|
||||
if (strpos($replaceWith, ".onion") !== FALSE) {
|
||||
$replaceWith = str_replace("https://", "http://", $replaceWith);
|
||||
}
|
||||
|
||||
$responseBodyMangled = str_replace($this->config->getAppValue('richdocuments', 'wopi_internal_url'), $replaceWith, $responseBody);
|
||||
// Skylar: Disable saving too, we don't need it if we're not loading ever
|
||||
/*$file->putContent(
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user