Files
nextcloud-server-mirror/tests/lib
Daniel Calviño Sánchez 41f2d912d2 Allow "wasm-unsafe-eval" in CSP
If a page has a Content Security Policy header and the `script-src` (or
`default-src`) directive does not contain neither `wasm-unsafe-eval` nor
`unsafe-eval` loading and executing WebAssembly is blocked in the page
(although it is still possible to load and execute WebAssembly in a
worker thread).

Although the Nextcloud classes to manage the CSP already supported
allowing `unsafe-eval` this affects not only WebAssembly, but also the
`eval` operation in JavaScript.

To make possible to allow WebAssembly execution without allowing
JavaScript `eval` this commit adds support for allowing
`wasm-unsafe-eval`.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2023-08-10 02:38:41 +02:00
..
2023-01-20 11:45:08 +01:00
2022-09-09 14:23:41 +02:00
2022-07-14 15:54:31 +02:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2022-07-29 12:07:41 +02:00
2023-06-23 17:12:45 +02:00
2023-01-20 11:45:08 +01:00
2022-10-31 16:13:28 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-05-15 18:18:21 +02:00
2023-02-13 22:51:14 +01:00
2022-09-29 15:15:28 +00:00
2023-04-27 12:00:45 +02:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2022-08-25 16:15:48 +02:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00
2023-01-20 11:45:08 +01:00