ContentSecurityPolicy

class OC\Security\CSP\ContentSecurityPolicy
Class ContentSecurityPolicy extends the public class and adds getter and setters.
This is necessary since we don’t want to expose the setters and getters to the
public API.
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#37
Parent:OCP\AppFramework\Http\ContentSecurityPolicy

Methods

public OC\Security\CSP\ContentSecurityPolicy::isInlineScriptAllowed()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#41
Returns:bool
public OC\Security\CSP\ContentSecurityPolicy::setInlineScriptAllowed($inlineScriptAllowed)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#48

Parameters:
  • $inlineScriptAllowed (bool)
public OC\Security\CSP\ContentSecurityPolicy::isEvalScriptAllowed()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#55
Returns:bool
public OC\Security\CSP\ContentSecurityPolicy::setEvalScriptAllowed($evalScriptAllowed)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#64

Parameters:
  • $evalScriptAllowed (bool)
Deprecated:

17.0.0 Unsafe eval should not be used anymore.

public OC\Security\CSP\ContentSecurityPolicy::getAllowedScriptDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#71
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedScriptDomains($allowedScriptDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#78

Parameters:
  • $allowedScriptDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::isInlineStyleAllowed()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#85
Returns:bool
public OC\Security\CSP\ContentSecurityPolicy::setInlineStyleAllowed($inlineStyleAllowed)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#92

Parameters:
  • $inlineStyleAllowed (bool)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedStyleDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#99
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedStyleDomains($allowedStyleDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#106

Parameters:
  • $allowedStyleDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedImageDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#113
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedImageDomains($allowedImageDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#120

Parameters:
  • $allowedImageDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedConnectDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#127
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedConnectDomains($allowedConnectDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#134

Parameters:
  • $allowedConnectDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedMediaDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#141
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedMediaDomains($allowedMediaDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#148

Parameters:
  • $allowedMediaDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedObjectDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#155
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedObjectDomains($allowedObjectDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#162

Parameters:
  • $allowedObjectDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedFrameDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#169
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedFrameDomains($allowedFrameDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#176

Parameters:
  • $allowedFrameDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedFontDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#183
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedFontDomains($allowedFontDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#190

Parameters:
  • $allowedFontDomains (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedChildSrcDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#198
Returns:array
Deprecated:15.0.0 use FrameDomains and WorkerSrcDomains
public OC\Security\CSP\ContentSecurityPolicy::setAllowedChildSrcDomains($allowedChildSrcDomains)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#206

Parameters:
  • $allowedChildSrcDomains (array)
Deprecated:

15.0.0 use FrameDomains and WorkerSrcDomains

public OC\Security\CSP\ContentSecurityPolicy::getAllowedFrameAncestors()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#213
Returns:array
public OC\Security\CSP\ContentSecurityPolicy::setAllowedFrameAncestors($allowedFrameAncestors)
Source:

lib/private/Security/CSP/ContentSecurityPolicy.php#220

Parameters:
  • $allowedFrameAncestors (array)
public OC\Security\CSP\ContentSecurityPolicy::getAllowedWorkerSrcDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#224
public OC\Security\CSP\ContentSecurityPolicy::setAllowedWorkerSrcDomains($allowedWorkerSrcDomains)
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#228
public OC\Security\CSP\ContentSecurityPolicy::getAllowedFormActionDomains()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#232
public OC\Security\CSP\ContentSecurityPolicy::setAllowedFormActionDomains($allowedFormActionDomains)
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#236
public OC\Security\CSP\ContentSecurityPolicy::getReportTo()
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#241
public OC\Security\CSP\ContentSecurityPolicy::setReportTo($reportTo)
Source:lib/private/Security/CSP/ContentSecurityPolicy.php#245