-
Notifications
You must be signed in to change notification settings - Fork 54
Expand file tree
/
Copy pathDisplayController.php
More file actions
73 lines (61 loc) · 2 KB
/
Copy pathDisplayController.php
File metadata and controls
73 lines (61 loc) · 2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2018 Jingtao Yan and files_mindmap contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCA\Files_MindMap\Controller;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IConfig;
use OCP\L10N\IFactory as L10NFactory;
use OCP\ISession;
class DisplayController extends Controller {
/** @var IURLGenerator */
private $urlGenerator;
private $l10nFactory;
/**
* @param string $AppName
* @param IRequest $request
* @param IURLGenerator $urlGenerator
* @param IConfig $config
* @param L10NFactory $l10nFactory
*/
public function __construct(string $AppName,
IRequest $request,
IURLGenerator $urlGenerator,
L10NFactory $l10nFactory) {
parent::__construct($AppName, $request);
$this->urlGenerator = $urlGenerator;
$this->l10nFactory = $l10nFactory;
}
/**
* @PublicPage
* @NoCSRFRequired
*
* @return TemplateResponse
*/
public function showMindmapViewer(): TemplateResponse {
$params = [
'urlGenerator' => $this->urlGenerator,
'lang' => $this->l10nFactory->findLanguage()
];
$response = new TemplateResponse($this->appName, 'viewer', $params, 'blank');
$response->addHeader('Cache-Control', 'no-cache');
$policy = new ContentSecurityPolicy();
$policy->addAllowedFrameDomain('\'self\'');
$policy->addAllowedFrameDomain('data:');
$policy->addAllowedFrameDomain('blob:');
$policy->addAllowedObjectDomain('\'self\'');
$policy->addAllowedObjectDomain('blob:');
$policy->addAllowedFontDomain('data:');
$policy->addAllowedImageDomain('*');
$policy->addAllowedConnectDomain('data:');
$response->setContentSecurityPolicy($policy);
return $response;
}
}