Merge pull request #59544 from nextcloud/chore/remove-deprecated-methods

Remove long-time deprecated methods

Author: CarlSchwan

lib/composer/composer/autoload_classmap.php

@@ -126,9 +126,6 @@
     'OCP\\AppFramework\\Http\\StandaloneTemplateResponse' => $baseDir . '/lib/public/AppFramework/Http/StandaloneTemplateResponse.php',
     'OCP\\AppFramework\\Http\\StreamResponse' => $baseDir . '/lib/public/AppFramework/Http/StreamResponse.php',
     'OCP\\AppFramework\\Http\\StreamTraversableResponse' => $baseDir . '/lib/public/AppFramework/Http/StreamTraversableResponse.php',
-    'OCP\\AppFramework\\Http\\StrictContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/StrictContentSecurityPolicy.php',
-    'OCP\\AppFramework\\Http\\StrictEvalContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php',
-    'OCP\\AppFramework\\Http\\StrictInlineContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/StrictInlineContentSecurityPolicy.php',
     'OCP\\AppFramework\\Http\\TemplateResponse' => $baseDir . '/lib/public/AppFramework/Http/TemplateResponse.php',
     'OCP\\AppFramework\\Http\\Template\\ExternalShareMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/ExternalShareMenuAction.php',
     'OCP\\AppFramework\\Http\\Template\\IMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/IMenuAction.php',

lib/composer/composer/autoload_static.php

@@ -167,9 +167,6 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OCP\\AppFramework\\Http\\StandaloneTemplateResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StandaloneTemplateResponse.php',
         'OCP\\AppFramework\\Http\\StreamResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StreamResponse.php',
         'OCP\\AppFramework\\Http\\StreamTraversableResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StreamTraversableResponse.php',
-        'OCP\\AppFramework\\Http\\StrictContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StrictContentSecurityPolicy.php',
-        'OCP\\AppFramework\\Http\\StrictEvalContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php',
-        'OCP\\AppFramework\\Http\\StrictInlineContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StrictInlineContentSecurityPolicy.php',
         'OCP\\AppFramework\\Http\\TemplateResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/TemplateResponse.php',
         'OCP\\AppFramework\\Http\\Template\\ExternalShareMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/ExternalShareMenuAction.php',
         'OCP\\AppFramework\\Http\\Template\\IMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/IMenuAction.php',

lib/private/Collaboration/Resources/Manager.php

@@ -457,11 +457,6 @@ public function invalidateAccessCacheForProviderByUser(IProvider $provider, ?IUs
 		$query->executeStatement();
 	}
 
-	public function registerResourceProvider(string $provider): void {
-		$this->logger->debug('\OC\Collaboration\Resources\Manager::registerResourceProvider is deprecated', ['provider' => $provider]);
-		$this->providerManager->registerResourceProvider($provider);
-	}
-
 	/**
 	 * Get the resource type of the provider
 	 *

lib/private/Notification/Manager.php

@@ -90,22 +90,6 @@ public function registerApp(string $appClass): void {
 		}
 	}
 
-	/**
-	 * @param \Closure $service The service must implement INotifier, otherwise a
-	 *                          \InvalidArgumentException is thrown later
-	 * @param \Closure $info An array with the keys 'id' and 'name' containing
-	 *                       the app id and the app name
-	 * @deprecated 17.0.0 use registerNotifierService instead.
-	 * @since 8.2.0 - Parameter $info was added in 9.0.0
-	 */
-	public function registerNotifier(\Closure $service, \Closure $info): void {
-		$infoData = $info();
-		$exception = new \InvalidArgumentException(
-			'Notifier ' . $infoData['name'] . ' (id: ' . $infoData['id'] . ') is not considered because it is using the old way to register.'
-		);
-		$this->logger->error($exception->getMessage(), ['exception' => $exception]);
-	}
-
 	/**
 	 * @param string $notifierService The service must implement INotifier, otherwise a
 	 *                                \InvalidArgumentException is thrown later

lib/private/Security/CSP/ContentSecurityPolicy.php

@@ -24,17 +24,6 @@ public function setInlineScriptAllowed(bool $inlineScriptAllowed): void {
 		$this->inlineScriptAllowed = $inlineScriptAllowed;
 	}
 
-	public function isEvalScriptAllowed(): bool {
-		return $this->evalScriptAllowed;
-	}
-
-	/**
-	 * @deprecated 17.0.0 Unsafe eval should not be used anymore.
-	 */
-	public function setEvalScriptAllowed(bool $evalScriptAllowed): void {
-		$this->evalScriptAllowed = $evalScriptAllowed;
-	}
-
 	public function isEvalWasmAllowed(): ?bool {
 		return $this->evalWasmAllowed;
 	}
@@ -115,21 +104,6 @@ public function setAllowedFontDomains($allowedFontDomains): void {
 		$this->allowedFontDomains = $allowedFontDomains;
 	}
 
-	/**
-	 * @deprecated 15.0.0 use FrameDomains and WorkerSrcDomains
-	 */
-	public function getAllowedChildSrcDomains(): array {
-		return $this->allowedChildSrcDomains;
-	}
-
-	/**
-	 * @param array $allowedChildSrcDomains
-	 * @deprecated 15.0.0 use FrameDomains and WorkerSrcDomains
-	 */
-	public function setAllowedChildSrcDomains($allowedChildSrcDomains): void {
-		$this->allowedChildSrcDomains = $allowedChildSrcDomains;
-	}
-
 	public function getAllowedFrameAncestors(): array {
 		return $this->allowedFrameAncestors;
 	}

lib/public/AppFramework/Http/ContentSecurityPolicy.php

@@ -24,8 +24,6 @@
 class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
 	/** @var bool Whether inline JS snippets are allowed */
 	protected $inlineScriptAllowed = false;
-	/** @var bool Whether eval in JS scripts is allowed */
-	protected $evalScriptAllowed = false;
 	/** @var bool Whether WebAssembly compilation is allowed */
 	protected ?bool $evalWasmAllowed = false;
 	/** @var bool Whether strict-dynamic should be set */
@@ -69,8 +67,6 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
 		'\'self\'',
 		'data:',
 	];
-	/** @var array Domains from which web-workers and nested browsing content can load elements */
-	protected $allowedChildSrcDomains = [];
 
 	/** @var array Domains which can embed this Nextcloud instance */
 	protected $allowedFrameAncestors = [

lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php

@@ -24,12 +24,6 @@ class EmptyContentSecurityPolicy {
 	protected $strictDynamicAllowed = null;
 	/** @var bool Whether strict-dynamic should be used on script-src-elem */
 	protected $strictDynamicAllowedOnScripts = null;
-	/**
-	 * @var bool Whether eval in JS scripts is allowed
-	 *           TODO: Disallow per default
-	 * @link https://github.com/owncloud/core/issues/11925
-	 */
-	protected $evalScriptAllowed = null;
 	/** @var bool Whether WebAssembly compilation is allowed */
 	protected ?bool $evalWasmAllowed = null;
 	/** @var array Domains from which scripts can get loaded */
@@ -54,8 +48,6 @@ class EmptyContentSecurityPolicy {
 	protected $allowedFrameDomains = null;
 	/** @var array Domains from which fonts can be loaded */
 	protected $allowedFontDomains = null;
-	/** @var array Domains from which web-workers and nested browsing content can load elements */
-	protected $allowedChildSrcDomains = null;
 	/** @var array Domains which can embed this Nextcloud instance */
 	protected $allowedFrameAncestors = null;
 	/** @var array Domains from which web-workers can be loaded */
@@ -101,18 +93,6 @@ public function useJsNonce($nonce) {
 		return $this;
 	}
 
-	/**
-	 * Whether eval in JavaScript is allowed or forbidden
-	 * @param bool $state
-	 * @return $this
-	 * @since 8.1.0
-	 * @deprecated 17.0.0 Eval should not be used anymore. Please update your scripts. This function will stop functioning in a future version of Nextcloud.
-	 */
-	public function allowEvalScript($state = true) {
-		$this->evalScriptAllowed = $state;
-		return $this;
-	}
-
 	/**
 	 * Whether WebAssembly compilation is allowed or forbidden
 	 * @param bool $state
@@ -323,31 +303,6 @@ public function disallowFrameDomain($domain) {
 		return $this;
 	}
 
-	/**
-	 * Domains from which web-workers and nested browsing content can load elements
-	 * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
-	 * @return $this
-	 * @since 8.1.0
-	 * @deprecated 15.0.0 use addAllowedWorkerSrcDomains or addAllowedFrameDomain
-	 */
-	public function addAllowedChildSrcDomain($domain) {
-		$this->allowedChildSrcDomains[] = $domain;
-		return $this;
-	}
-
-	/**
-	 * Remove the specified allowed child src domain from the allowed domains.
-	 *
-	 * @param string $domain
-	 * @return $this
-	 * @since 8.1.0
-	 * @deprecated 15.0.0 use the WorkerSrcDomains or FrameDomain
-	 */
-	public function disallowChildSrcDomain($domain) {
-		$this->allowedChildSrcDomains = array_diff($this->allowedChildSrcDomains, [$domain]);
-		return $this;
-	}
-
 	/**
 	 * Domains which can embed an iFrame of the Nextcloud instance
 	 *
@@ -441,7 +396,7 @@ public function buildPolicy() {
 		$policy .= "base-uri 'none';";
 		$policy .= "manifest-src 'self';";
 
-		if (!empty($this->allowedScriptDomains) || $this->evalScriptAllowed || $this->evalWasmAllowed || is_string($this->jsNonce)) {
+		if (!empty($this->allowedScriptDomains) || $this->evalWasmAllowed || is_string($this->jsNonce)) {
 			$policy .= 'script-src ';
 			$scriptSrc = '';
 			if (is_string($this->jsNonce)) {
@@ -459,9 +414,6 @@ public function buildPolicy() {
 			if (is_array($this->allowedScriptDomains)) {
 				$scriptSrc .= implode(' ', $this->allowedScriptDomains);
 			}
-			if ($this->evalScriptAllowed) {
-				$scriptSrc .= ' \'unsafe-eval\'';
-			}
 			if ($this->evalWasmAllowed) {
 				$scriptSrc .= ' \'wasm-unsafe-eval\'';
 			}
@@ -517,11 +469,6 @@ public function buildPolicy() {
 			$policy .= ';';
 		}
 
-		if (!empty($this->allowedChildSrcDomains)) {
-			$policy .= 'child-src ' . implode(' ', $this->allowedChildSrcDomains);
-			$policy .= ';';
-		}
-
 		if (!empty($this->allowedFrameAncestors)) {
 			$policy .= 'frame-ancestors ' . implode(' ', $this->allowedFrameAncestors);
 			$policy .= ';';