IContentSecurityPolicyManager

interface OCP\Security\IContentSecurityPolicyManager
Used for Content Security Policy manipulations
Implemented by:OC\Security\CSP\ContentSecurityPolicyManager
Source:lib/public/Security/IContentSecurityPolicyManager.php#38

Methods

public OCP\Security\IContentSecurityPolicyManager::addDefaultPolicy($policy)
Allows to inject something into the default content policy. This is for
example useful when you’re injecting Javascript code into a view belonging
to another controller and cannot modify its Content-Security-Policy itself.
Note that the adjustment is only applied to applications that use AppFramework
controllers.

To use this from your `app.php` use `\OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy)`,
$policy has to be of type `\OCP\AppFramework\Http\ContentSecurityPolicy`.

WARNING: Using this API incorrectly may make the instance more insecure.
Do think twice before adding whitelisting resources. Please do also note
that it is not possible to use the `disallowXYZ` functions.
Source:

lib/public/Security/IContentSecurityPolicyManager.php#57

Parameters:
Since:

9.0.0

Deprecated:

17.0.0 listen to the AddContentSecurityPolicyEvent to add a policy