Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CORS, trusted domain

Browse Source
This commit is contained in:
Roman Hergenreder
2024-04-11 11:51:50 -04:00
parent a238ad3b7f
commit 3851b7f289
12 changed files with 80 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Core/Elements/Document.class.php
View File

@@ -21,7 +21,6 @@ abstract class Document {
private bool $cspEnabled;
private ?string $cspNonce;
private array $cspWhitelist;
private string $domain;
protected bool $searchable;
protected array $languageModules;
@@ -31,7 +30,6 @@ abstract class Document {
$this->cspNonce = null;
$this->databaseRequired = true;
$this->cspWhitelist = [];
$this->domain = $this->getSettings()->getBaseUrl();
$this->logger = new Logger("Document", $this->getSQL());
$this->searchable = false;
$this->languageModules = ["general"];
@@ -83,7 +81,7 @@ abstract class Document {
public function addCSPWhitelist(string $path) {
$urlParts = parse_url($path);
if (!$urlParts || !isset($urlParts["host"])) {
$this->cspWhitelist[] = $this->domain . $path;
$this->cspWhitelist[] = getProtocol() . "://" . getCurrentHostName() . $path;
} else {
$this->cspWhitelist[] = $path;
}