ContentSecurityPolicy.php 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2016, ownCloud, Inc.
  5. *
  6. * @author Lukas Reschke <lukas@statuscode.ch>
  7. * @author Thomas Citharel <tcit@tcit.fr>
  8. *
  9. * @license AGPL-3.0
  10. *
  11. * This code is free software: you can redistribute it and/or modify
  12. * it under the terms of the GNU Affero General Public License, version 3,
  13. * as published by the Free Software Foundation.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License, version 3,
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>
  22. *
  23. */
  24. namespace OC\Security\CSP;
  25. /**
  26. * Class ContentSecurityPolicy extends the public class and adds getter and setters.
  27. * This is necessary since we don't want to expose the setters and getters to the
  28. * public API.
  29. *
  30. * @package OC\Security\CSP
  31. */
  32. class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy {
  33. /**
  34. * @return boolean
  35. */
  36. public function isInlineScriptAllowed(): bool {
  37. return $this->inlineScriptAllowed;
  38. }
  39. /**
  40. * @param boolean $inlineScriptAllowed
  41. */
  42. public function setInlineScriptAllowed(bool $inlineScriptAllowed) {
  43. $this->inlineScriptAllowed = $inlineScriptAllowed;
  44. }
  45. /**
  46. * @return boolean
  47. */
  48. public function isEvalScriptAllowed(): bool {
  49. return $this->evalScriptAllowed;
  50. }
  51. /**
  52. * @param boolean $evalScriptAllowed
  53. */
  54. public function setEvalScriptAllowed(bool $evalScriptAllowed) {
  55. $this->evalScriptAllowed = $evalScriptAllowed;
  56. }
  57. /**
  58. * @return array
  59. */
  60. public function getAllowedScriptDomains(): array {
  61. return $this->allowedScriptDomains;
  62. }
  63. /**
  64. * @param array $allowedScriptDomains
  65. */
  66. public function setAllowedScriptDomains(array $allowedScriptDomains) {
  67. $this->allowedScriptDomains = $allowedScriptDomains;
  68. }
  69. /**
  70. * @return boolean
  71. */
  72. public function isInlineStyleAllowed(): bool {
  73. return $this->inlineStyleAllowed;
  74. }
  75. /**
  76. * @param boolean $inlineStyleAllowed
  77. */
  78. public function setInlineStyleAllowed(bool $inlineStyleAllowed) {
  79. $this->inlineStyleAllowed = $inlineStyleAllowed;
  80. }
  81. /**
  82. * @return array
  83. */
  84. public function getAllowedStyleDomains(): array {
  85. return $this->allowedStyleDomains;
  86. }
  87. /**
  88. * @param array $allowedStyleDomains
  89. */
  90. public function setAllowedStyleDomains(array $allowedStyleDomains) {
  91. $this->allowedStyleDomains = $allowedStyleDomains;
  92. }
  93. /**
  94. * @return array
  95. */
  96. public function getAllowedImageDomains(): array {
  97. return $this->allowedImageDomains;
  98. }
  99. /**
  100. * @param array $allowedImageDomains
  101. */
  102. public function setAllowedImageDomains(array $allowedImageDomains) {
  103. $this->allowedImageDomains = $allowedImageDomains;
  104. }
  105. /**
  106. * @return array
  107. */
  108. public function getAllowedConnectDomains(): array {
  109. return $this->allowedConnectDomains;
  110. }
  111. /**
  112. * @param array $allowedConnectDomains
  113. */
  114. public function setAllowedConnectDomains(array $allowedConnectDomains) {
  115. $this->allowedConnectDomains = $allowedConnectDomains;
  116. }
  117. /**
  118. * @return array
  119. */
  120. public function getAllowedMediaDomains(): array {
  121. return $this->allowedMediaDomains;
  122. }
  123. /**
  124. * @param array $allowedMediaDomains
  125. */
  126. public function setAllowedMediaDomains(array $allowedMediaDomains) {
  127. $this->allowedMediaDomains = $allowedMediaDomains;
  128. }
  129. /**
  130. * @return array
  131. */
  132. public function getAllowedObjectDomains(): array {
  133. return $this->allowedObjectDomains;
  134. }
  135. /**
  136. * @param array $allowedObjectDomains
  137. */
  138. public function setAllowedObjectDomains(array $allowedObjectDomains) {
  139. $this->allowedObjectDomains = $allowedObjectDomains;
  140. }
  141. /**
  142. * @return array
  143. */
  144. public function getAllowedFrameDomains(): array {
  145. return $this->allowedFrameDomains;
  146. }
  147. /**
  148. * @param array $allowedFrameDomains
  149. */
  150. public function setAllowedFrameDomains(array $allowedFrameDomains) {
  151. $this->allowedFrameDomains = $allowedFrameDomains;
  152. }
  153. /**
  154. * @return array
  155. */
  156. public function getAllowedFontDomains(): array {
  157. return $this->allowedFontDomains;
  158. }
  159. /**
  160. * @param array $allowedFontDomains
  161. */
  162. public function setAllowedFontDomains($allowedFontDomains) {
  163. $this->allowedFontDomains = $allowedFontDomains;
  164. }
  165. /**
  166. * @return array
  167. * @deprecated 15.0.0 use FrameDomains and WorkerSrcDomains
  168. */
  169. public function getAllowedChildSrcDomains(): array {
  170. return $this->allowedChildSrcDomains;
  171. }
  172. /**
  173. * @param array $allowedChildSrcDomains
  174. * @deprecated 15.0.0 use FrameDomains and WorkerSrcDomains
  175. */
  176. public function setAllowedChildSrcDomains($allowedChildSrcDomains) {
  177. $this->allowedChildSrcDomains = $allowedChildSrcDomains;
  178. }
  179. /**
  180. * @return array
  181. */
  182. public function getAllowedFrameAncestors(): array {
  183. return $this->allowedFrameAncestors;
  184. }
  185. /**
  186. * @param array $allowedFrameAncestors
  187. */
  188. public function setAllowedFrameAncestors($allowedFrameAncestors) {
  189. $this->allowedFrameAncestors = $allowedFrameAncestors;
  190. }
  191. public function getAllowedWorkerSrcDomains(): array {
  192. return $this->allowedWorkerSrcDomains;
  193. }
  194. public function setAllowedWorkerSrcDomains(array $allowedWorkerSrcDomains) {
  195. $this->allowedWorkerSrcDomains = $allowedWorkerSrcDomains;
  196. }
  197. public function getReportTo(): array {
  198. return $this->reportTo;
  199. }
  200. public function setReportTo(array $reportTo) {
  201. $this->reportTo = $reportTo;
  202. }
  203. }