New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move security headers #8183
Move security headers #8183
Conversation
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...) The migration to base.php ensures that the headers are served to all requests passing base.php
@@ -213,6 +213,34 @@ public static function checkInstalled() { | |||
} | |||
} | |||
|
|||
/* | |||
* This function adds some security related headers to all requests served via base.php | |||
* The implementation of this function as hto happen here to ensure that all third-party |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hto? 😉
requires at least a litmus test execution to ensure webdav is not broken |
Thanks @DeepDiver1975
The inspection completed: 41 new issues, 26 updated code elements |
🚀 Test Passed. 🚀 |
Litmus test passes successfully:
|
Hopefully summoning some reviewers: @DeepDiver1975 @icewind1991 @schiesbn @blizzz @bantu To review this access the WebDAV file browser (/remote.php/webdav) and verify that the headers are sent. |
👍 Patch looks good. Didn't test. |
Tested, code looks good 👍 |
👍 Tested |
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...) The migration to base.php ensures that the headers are served to all requests passing base.php
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php