From 571472ebe33e5deed53ee4ce14994e42d1845422 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= Date: Wed, 6 Dec 2023 10:56:05 +0000 Subject: [PATCH] feat: Add headers for wasm support if CO has hasWASMSupport enabled MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit which was added in: https://github.com/CollaboraOnline/online/pull/7784 Signed-off-by: Caolán McNamara --- lib/Listener/AddContentSecurityPolicyListener.php | 7 ++++++- lib/Listener/BeforeTemplateRenderedListener.php | 15 +++++++++++---- lib/Service/CapabilitiesService.php | 4 ++++ 3 files changed, 21 insertions(+), 5 deletions(-) diff --git a/lib/Listener/AddContentSecurityPolicyListener.php b/lib/Listener/AddContentSecurityPolicyListener.php index edbac8ff8a..ced4bb2664 100644 --- a/lib/Listener/AddContentSecurityPolicyListener.php +++ b/lib/Listener/AddContentSecurityPolicyListener.php @@ -25,6 +25,7 @@ namespace OCA\Richdocuments\Listener; use OCA\Richdocuments\AppConfig; +use OCA\Richdocuments\Service\CapabilitiesService; use OCP\AppFramework\Http\EmptyContentSecurityPolicy; use OCP\EventDispatcher\Event; use OCP\EventDispatcher\IEventListener; @@ -36,6 +37,7 @@ class AddContentSecurityPolicyListener implements IEventListener { public function __construct( private IRequest $request, private AppConfig $config, + private CapabilitiesService $capabilitiesService, ) { } @@ -51,7 +53,10 @@ public function handle(Event $event): void { $policy = new EmptyContentSecurityPolicy(); $policy->addAllowedFrameDomain("'self'"); $policy->addAllowedFrameDomain("nc:"); - $policy->allowEvalWasm(true); + + if ($this->capabilitiesService->hasWASMSupport()) { + $policy->allowEvalWasm(true); + } foreach ($this->config->getDomainList() as $url) { $policy->addAllowedFrameDomain($url); diff --git a/lib/Listener/BeforeTemplateRenderedListener.php b/lib/Listener/BeforeTemplateRenderedListener.php index 775c1925bb..acad7dd035 100644 --- a/lib/Listener/BeforeTemplateRenderedListener.php +++ b/lib/Listener/BeforeTemplateRenderedListener.php @@ -4,20 +4,27 @@ namespace OCA\Richdocuments\Listener; +use OCA\Richdocuments\Service\CapabilitiesService; use OCP\AppFramework\Http\Events\BeforeTemplateRenderedEvent; use OCP\EventDispatcher\Event; use OCP\EventDispatcher\IEventListener; /** @template-implements IEventListener */ class BeforeTemplateRenderedListener implements IEventListener { + private CapabilitiesService $capabilitiesService; + + public function __construct(CapabilitiesService $capabilitiesService) { + $this->capabilitiesService = $capabilitiesService; + } + public function handle(Event $event): void { if (!$event instanceof BeforeTemplateRenderedEvent) { return; } - // FIXME: Might be too wide, we should only do this when needed - - //$event->getResponse()->addHeader('Cross-Origin-Opener-Policy', 'unsafe-none'); - //$event->getResponse()->addHeader('Cross-Origin-Embedder-Policy', 'require-corp'); + if ($this->capabilitiesService->hasWASMSupport()) { + $event->getResponse()->addHeader('Cross-Origin-Opener-Policy', 'same-origin'); + $event->getResponse()->addHeader('Cross-Origin-Embedder-Policy', 'require-corp'); + } } } diff --git a/lib/Service/CapabilitiesService.php b/lib/Service/CapabilitiesService.php index df9df32b80..7bd316f5c9 100644 --- a/lib/Service/CapabilitiesService.php +++ b/lib/Service/CapabilitiesService.php @@ -114,6 +114,10 @@ public function hasZoteroSupport(): bool { return $this->getCapabilities()['hasZoteroSupport'] ?? false; } + public function hasWASMSupport(): bool { + return $this->getCapabilities()['hasWASMSupport'] ?? false; + } + public function getProductName(): string { $theme = $this->config->getAppValue(Application::APPNAME, 'theme', 'nextcloud');