dnrops
/
cryptpad
mirror of https://github.com/xwiki-labs/cryptpad
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix CSP errors in oodoc and ooslide

This commit is contained in:
yflory 2021-10-19 17:09:42 +02:00
parent 844a6a4b96
commit b050f04090
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/example.nginx.conf
View File

@ -64,7 +64,7 @@ server {
add_header Permissions-Policy interest-cohort=();
set $coop '';
if ($uri ~ ^\/(sheet|presentation|doc|convert)\/.*$) { set $coop 'same-origin'; }
#if ($uri ~ ^\/(sheet|presentation|doc|convert)\/.*$) { set $coop 'same-origin'; }
# Enable SharedArrayBuffer in Firefox (for .xlsx export)
add_header Cross-Origin-Resource-Policy cross-origin;
@ -120,7 +120,7 @@ server {
# the following assets are loaded via the sandbox domain
# they unfortunately still require exceptions to the sandboxing to work correctly.
if ($uri ~ ^\/(sheet|doc|presentation)\/inner.html.*$) { set $unsafe 1; }
if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; }
if ($uri ~ ^\/common\/onlyoffice\/.*\/.*\.html.*$) { set $unsafe 1; }
# everything except the sandbox domain is a privileged scope, as they might be used to handle keys
if ($host != $sandbox_domain) { set $unsafe 0; }

4
www/common/onlyoffice/v4/sdkjs/slide/sdk-all-min.js vendored
View File

@ -2004,8 +2004,8 @@ function(){this.WordControl.m_oLogicDocument.bringForward()};asc_docs_api.protot
function(slideNum){this.sendEvent("asc_onDemonstrationSlideChanged",slideNum)};asc_docs_api.prototype.StartDemonstration=function(div_id,slidestart_num,reporterStartObject){if(window.g_asc_plugins)window.g_asc_plugins.stopWorked();var is_reporter=reporterStartObject&&!this.isReporterMode;if(is_reporter)this.DemonstrationReporterStart(reporterStartObject);if(is_reporter&&(this.reporterWindow||window["AscDesktopEditor"]))this.WordControl.DemonstrationManager.StartWaitReporter(div_id,slidestart_num,
true);else this.WordControl.DemonstrationManager.Start(div_id,slidestart_num,true);if(undefined!==this.EndShowMessage){this.WordControl.DemonstrationManager.EndShowMessage=this.EndShowMessage;this.EndShowMessage=undefined}};asc_docs_api.prototype.EndDemonstration=function(isNoUseFullScreen){if(this.windowReporter)this.windowReporter.close();this.WordControl.DemonstrationManager.End(isNoUseFullScreen)};asc_docs_api.prototype.DemonstrationReporterStart=function(startObject){this.reporterStartObject=
startObject;this.reporterStartObject["translate"]=AscCommon.translateManager.mapTranslate;if(window["AscDesktopEditor"]){window["AscDesktopEditor"]["startReporter"](window.location.href);this.reporterWindow={};return}var dualScreenLeft=window.screenLeft!=undefined?window.screenLeft:screen.left;var dualScreenTop=window.screenTop!=undefined?window.screenTop:screen.top;var width=window.innerWidth?window.innerWidth:document.documentElement.clientWidth?document.documentElement.clientWidth:screen.width;
var height=window.innerHeight?window.innerHeight:document.documentElement.clientHeight?document.documentElement.clientHeight:screen.height;var w=800;var h=600;var left=width/2-w/2+dualScreenLeft;var top=height/2-h/2+dualScreenTop;var _windowPos="width="+w+",height="+h+",left="+left+",top="+top;var _url="index.reporter.html";if(this.locale)_url+="?lang="+this.locale;this.reporterWindow=window.open(_url,"_blank","resizable=yes,status=0,toolbar=0,location=0,menubar=0,directories=0,scrollbars=0,"+_windowPos);
if(!this.reporterWindow)return;var w=this.reporterWindow;require(["/common/outer/worker-channel.js","/common/common-util.js"],function(Channel,Util){var msgEv=Util.mkEvent();window.addEventListener("message",function(msg){if(msg.source!==w)return;msgEv.fire(msg)});var postMsg=function(data){w.postMessage(data,"*")};Channel.create(msgEv,postMsg,function(chan){var send=function(obj){chan.event("CMD",obj)};chan.on("CMD",function(obj){if(obj.type!=="auth")return;send({type:"authChanges",changes:[]});
var height=window.innerHeight?window.innerHeight:document.documentElement.clientHeight?document.documentElement.clientHeight:screen.height;var w=800;var h=600;var left=width/2-w/2+dualScreenLeft;var top=height/2-h/2+dualScreenTop;var _windowPos="width="+w+",height="+h+",left="+left+",top="+top;var urlArgs=window.parent&&window.parent.APP&&window.parent.APP.urlArgs||"";var _url="index.reporter.html?"+urlArgs;if(this.locale)_url+="&lang="+this.locale;this.reporterWindow=window.open(_url,"_blank","resizable=yes,status=0,toolbar=0,location=0,menubar=0,directories=0,scrollbars=0,"+
_windowPos);if(!this.reporterWindow)return;var w=this.reporterWindow;require(["/common/outer/worker-channel.js","/common/common-util.js"],function(Channel,Util){var msgEv=Util.mkEvent();window.addEventListener("message",function(msg){if(msg.source!==w)return;msgEv.fire(msg)});var postMsg=function(data){w.postMessage(data,"*")};Channel.create(msgEv,postMsg,function(chan){var send=function(obj){chan.event("CMD",obj)};chan.on("CMD",function(obj){if(obj.type!=="auth")return;send({type:"authChanges",changes:[]});
send({type:"auth",result:1,sessionId:"06348ca8f861a0af3548ae38360aa617",participants:[],locks:[],changes:[],changesIndex:0,indexUser:0,buildVersion:"5.2.6",buildNumber:2,licenseType:3});send({type:"documentOpen",data:{"type":"open","status":"ok","data":{"Editor.bin":editor.reporterStartObject.url}}})})})});this.reporterWindowCounter=0;if(!AscCommon.AscBrowser.isSafariMacOs)this.reporterWindow.onbeforeunload=function(){window.editor.EndDemonstration()};this.reporterWindow.onunload=function(){window.editor.reporterWindowCounter++;
if(1<window.editor.reporterWindowCounter)window.editor.EndDemonstration()};if(this.reporterWindow.attachEvent)this.reporterWindow.attachEvent("onmessage",this.DemonstrationReporterMessages);else this.reporterWindow.addEventListener("message",this.DemonstrationReporterMessages,false)};asc_docs_api.prototype.DemonstrationReporterEnd=function(){if(window["AscDesktopEditor"]){window["AscDesktopEditor"]["endReporter"]();this.reporterWindow=null;return}try{this.reporterWindowCounter=0;if(!this.reporterWindow)return;
if(this.reporterWindow.attachEvent)this.reporterWindow.detachEvent("onmessage",this.DemonstrationReporterMessages);else this.reporterWindow.removeEventListener("message",this.DemonstrationReporterMessages,false);this.reporterWindow.close();this.reporterWindow=null;this.reporterStartObject=null}catch(err){this.reporterWindow=null;this.reporterStartObject=null}};asc_docs_api.prototype.DemonstrationReporterMessages=function(e){var _this=window.editor;if(e.data=="i:am:ready"){var bin=editor.asc_nativeGetFile();