17 Commits

Author	SHA1	Message	Date
ralf	a80d810926	fix broken setting of CSP via hook since commit a304f34e6b ... (fix PHP Error: [] operator not supported for strings)	2022-07-08 14:15:30 +02:00
ralf	a304f34e6b	fix PHP Error: [] operator not supported for strings	2022-06-29 08:59:59 +02:00
ralf	669f679fbc	change our CSP to allow data: for connect-src, which is used by Shoelace to "load" icons	2022-06-13 13:19:54 +02:00
ralf	ef7c175814	remove jQueryUI DateTime picker and splitter and use them also for eTemplates marked as legacy	2022-04-29 17:05:43 +02:00
Ralf Becker	592b7fb97d	replace LAB.js with native es5 loading	2021-06-05 20:39:39 +02:00
Hadi Nategh	72769e7a43	* HTML Editor: fix bug in editing uploaded image	2020-10-19 11:14:52 +02:00
Ralf Becker	7428e2d7cd	do not add path of url to CSP	2020-07-07 13:18:28 +02:00
Ralf Becker	9a548dca68	fix csp-*-source hook not run, if Api\Header\ContenSecurity::add() was called	2020-04-30 17:31:46 +02:00
Ralf Becker	57ab6f667c	adding CSP frame-ancestors 'self' policy to mitigate clickjacking	2020-01-28 18:19:40 +01:00
Ralf Becker	2ea9549dcf	stricter CSP policy for mail body	2020-01-28 17:45:36 +01:00
Ralf Becker	d8289ef29d	stricter CSP policy	2020-01-28 17:14:51 +01:00
Ralf Becker	bf844b7598	support for new Swoole push server	2019-11-04 09:29:49 +01:00
Hadi Nategh	c5c09c4f9f	Deprecate CKEDITOR and remove it from source	2019-01-25 12:41:13 +01:00
Hadi Nategh	c7089cadd9	Revert unintentional changes to mrconfig and ContentSecurityPolicy from commitacdf079fb180490d8659fad0f4c20dd74ea78503	2017-01-05 15:04:53 +01:00
Hadi Nategh	acdf079fb1	* Etemplate: Fix error "Etemplate\Api\Auth not found" happening while to login	2017-01-05 14:59:20 +01:00
Ralf Becker	e87cbc4832	use static Hooks methods	2016-05-11 18:58:10 +00:00
Ralf Becker	99714aa9e9	move egw_framework::csp_*_source_attrs($attrs) to Api\Header\ContentSecurityPolicy::add(*-src, $attrs) and egw_ckeditor_config to Api\Html\CkEditorConfig	2016-03-13 14:08:31 +00:00