/**
* @brief Constructor
* @param string $app app providing the template
* @param string $name of the template file (without suffix)
* @param string $renderas = ""; produce a full page
* @return OC_Template object
*
* This function creates an OC_Template object.
*
* If $renderas is set, OC_Template will try to produce a full page in the
* according layout. For now, renderas can be set to "guest", "user" or
* "admin".
*/
public function __construct($app, $name, $renderas = "")
{
// Read the selected theme from the config file
$theme = OC_Util::getTheme();
// Read the detected formfactor and use the right file name.
$fext = self::getFormFactorExtension();
$requesttoken = OC::$session ? OC_Util::callRegister() : '';
$parts = explode('/', $app);
// fix translation when app is something like core/lostpassword
$l10n = OC_L10N::get($parts[0]);
$themeDefaults = new OC_Defaults();
list($path, $template) = $this->findTemplate($theme, $app, $name, $fext);
// Set the private data
$this->renderas = $renderas;
$this->path = $path;
parent::__construct($template, $requesttoken, $l10n, $themeDefaults);
// Some headers to enhance security
header('X-XSS-Protection: 1; mode=block');
// Enforce browser based XSS filters
header('X-Content-Type-Options: nosniff');
// Disable sniffing the content type for IE
// iFrame Restriction Policy
$xFramePolicy = OC_Config::getValue('xframe_restriction', true);
if ($xFramePolicy) {
header('X-Frame-Options: Sameorigin');
// Disallow iFraming from other domains
}
// Content Security Policy
// If you change the standard policy, please also change it in config.sample.php
$policy = OC_Config::getValue('custom_csp_policy', 'default-src \'self\'; ' . 'script-src \'self\' \'unsafe-eval\'; ' . 'style-src \'self\' \'unsafe-inline\'; ' . 'frame-src *; ' . 'img-src *; ' . 'font-src \'self\' data:; ' . 'media-src *');
header('Content-Security-Policy:' . $policy);
// Standard
}
/**
* Constructor
* @param string $app app providing the template
* @param string $name of the template file (without suffix)
* @param string $renderas = ""; produce a full page
* @param bool $registerCall = true
* @return OC_Template object
*
* This function creates an OC_Template object.
*
* If $renderas is set, OC_Template will try to produce a full page in the
* according layout. For now, renderas can be set to "guest", "user" or
* "admin".
*/
public function __construct($app, $name, $renderas = "", $registerCall = true)
{
// Read the selected theme from the config file
$theme = OC_Util::getTheme();
$requesttoken = (OC::$server->getSession() and $registerCall) ? OC_Util::callRegister() : '';
$parts = explode('/', $app);
// fix translation when app is something like core/lostpassword
$l10n = \OC::$server->getL10N($parts[0]);
$themeDefaults = new OC_Defaults();
list($path, $template) = $this->findTemplate($theme, $app, $name);
// Set the private data
$this->renderas = $renderas;
$this->path = $path;
$this->app = $app;
parent::__construct($template, $requesttoken, $l10n, $themeDefaults);
}
/**
* @brief Constructor
* @param string $app app providing the template
* @param string $name of the template file (without suffix)
* @param string $renderas = ""; produce a full page
* @return OC_Template object
*
* This function creates an OC_Template object.
*
* If $renderas is set, OC_Template will try to produce a full page in the
* according layout. For now, renderas can be set to "guest", "user" or
* "admin".
*/
public function __construct($app, $name, $renderas = "")
{
// Read the selected theme from the config file
$theme = OC_Util::getTheme();
// Read the detected formfactor and use the right file name.
$fext = self::getFormFactorExtension();
$requesttoken = OC::$session ? OC_Util::callRegister() : '';
$parts = explode('/', $app);
// fix translation when app is something like core/lostpassword
$l10n = OC_L10N::get($parts[0]);
$themeDefaults = new OC_Defaults();
list($path, $template) = $this->findTemplate($theme, $app, $name, $fext);
// Set the private data
$this->renderas = $renderas;
$this->path = $path;
parent::__construct($template, $requesttoken, $l10n, $themeDefaults);
}
