Exemplo n.º 1
 /**
  * A frame domain that was allowed and later disallowed must not show up in
  * the built policy; disallowing a domain that was never allowed must not
  * change the result either. The expected header has no frame-src directive.
  */
 public function testGetPolicyDisallowFrameDomainMultipleStakes()
 {
     $csp = $this->contentSecurityPolicy;

     $csp->addAllowedFrameDomain('www.owncloud.com');
     // Revoke one domain that was never allowed and the one allowed above.
     $csp->disallowFrameDomain('www.owncloud.org')
         ->disallowFrameDomain('www.owncloud.com');

     $policyWithoutFrameSrc = "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self';connect-src 'self';media-src 'self'";
     $this->assertSame($policyWithoutFrameSrc, $csp->buildPolicy());
 }
 /**
  * Two allowed frame domains must both appear, space separated and in the
  * order they were added, in a single frame-src directive at the end of the
  * built policy.
  */
 public function testGetPolicyFrameDomainValidMultiple()
 {
     $csp = $this->contentSecurityPolicy;

     foreach (['www.owncloud.com', 'www.owncloud.org'] as $frameDomain) {
         $csp->addAllowedFrameDomain($frameDomain);
     }

     $policyWithFrameSrc = "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self';frame-src www.owncloud.com www.owncloud.org";
     $this->assertSame($policyWithFrameSrc, $csp->buildPolicy());
 }
Exemplo n.º 3
 /**
  * Render the bookmarks main page.
  *
  * The response carries its own ContentSecurityPolicy whose frame list is
  * extended with 'self' only, i.e. same-origin framing and nothing broader.
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  */
 public function index()
 {
     // Only 'self' is added to the frame sources of a fresh policy object.
     $csp = new ContentSecurityPolicy();
     $csp->addAllowedFrameDomain("'self'");

     $templateVars = array(
         'user' => $this->userId,
         'bookmarkleturl' => $this->urlgenerator->getAbsoluteURL('index.php/apps/bookmarks/bookmarklet'),
     );

     $page = new TemplateResponse('bookmarks', 'main', $templateVars);
     $page->setContentSecurityPolicy($csp);
     return $page;
 }
 /**
  * Render the WebRTC page with a frame list taken from
  * Security::getAllowedIframeDomains().
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  */
 public function webRTC()
 {
     // Frames are limited to the domains returned by the Security helper.
     // They are joined with spaces and registered as ONE entry; the wildcard
     // variant addAllowedFrameDomain('*') stays disabled.
     // NOTE(review): an empty domain list registers an empty-string entry, and
     // the entries are not validated here - confirm they are checked where
     // they are configured.
     $frameSources = implode(' ', Security::getAllowedIframeDomains());
     $policy = new ContentSecurityPolicy();
     $policy->addAllowedFrameDomain($frameSources);

     $page = new TemplateResponse(Settings::APP_ID, 'webrtc', []);
     $page->setContentSecurityPolicy($policy);
     return $page;
 }
 /**
  * Render the WebRTC page for logged-in users and for guests.
  *
  * A request without a user id is treated as a guest: the template gets
  * is_guest = true and is rendered as 'empty' instead of 'user'. The frame
  * list comes from Security::getAllowedIframeDomains() in both cases.
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  * @PublicPage
  */
 public function webRTC()
 {
     $isGuest = $this->userid === null;
     $renderAs = $isGuest ? 'empty' : 'user';
     $page = new TemplateResponse(Settings::APP_ID, 'webrtc', ['is_guest' => $isGuest], $renderAs);

     // Frames are limited to the domains returned by the Security helper,
     // joined into one space-separated entry; the wildcard variant
     // addAllowedFrameDomain('*') stays disabled.
     // NOTE(review): this page is public, so the same frame list is served to
     // unauthenticated visitors - confirm that is intended.
     $policy = new ContentSecurityPolicy();
     $policy->addAllowedFrameDomain(implode(' ', Security::getAllowedIframeDomains()));
     $page->setContentSecurityPolicy($policy);

     return $page;
 }
Exemplo n.º 6
 /**
  * Render the reader page in the 'blank' layout.
  *
  * The policy adds 'self' to the child and frame sources and the blob:
  * scheme to the style and image sources; nothing else is widened here.
  *
  * @PublicPage
  * @NoCSRFRequired
  *
  * @return TemplateResponse
  */
 public function showReader()
 {
     $policy = new ContentSecurityPolicy();
     // Same-origin nested browsing contexts only.
     $policy->addAllowedChildSrcDomain("'self'");
     $policy->addAllowedFrameDomain("'self'");
     // blob: URLs are accepted for stylesheets and images.
     $policy->addAllowedStyleDomain('blob:');
     $policy->addAllowedImageDomain('blob:');

     $page = new TemplateResponse($this->appName, 'reader', ['urlGenerator' => $this->urlGenerator], 'blank');
     $page->setContentSecurityPolicy($policy);
     return $page;
 }
Exemplo n.º 7
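 /**
  * Render the viewer page for a pad file.
  *
  * Reads the file at $dir/$file, takes the pad URL from its "URL=" line,
  * normalises that URL and passes it to the 'viewer' template together with
  * the file name as title. The frame list of the response policy is extended
  * with the Etherpad and Ethercalc hosts stored in the app configuration.
  *
  * NOTE(review): this is a public, CSRF-exempt page and $file / $dir
  * (presumably request parameters) are joined into a filesystem path as they
  * are; confirm that the Filesystem view in effect confines the read.
  *
  * @PublicPage
  * @NoCSRFRequired
  *
  * @return TemplateResponse
  */
 public function showPad($file, $dir)
 {
     /* Retrieve file content to find pad’s URL */
     $content = \OC\Files\Filesystem::file_get_contents($dir . "/" . $file);
     /* An unreadable file, or one without a "URL=" line, yields an empty
      * URL instead of an undefined-offset notice on $matches[1].
      */
     $url = '';
     if (is_string($content) && preg_match('/URL=(.*)$/', $content, $matches) === 1) {
         $url = $matches[1];
     }
     $title = $file;
     /* Not totally sure that this is the right way to proceed…
      *
      * First we decode the URL (to avoid double encode), then we
      * replace spaces with underscore (as they are converted as
      * such by Etherpad), then we encode the URL properly (and we
      * avoid to urlencode() the protocol scheme).
      *
      * Magic urlencode() function was stolen from this answer on
      * StackOverflow: <http://stackoverflow.com/a/7974253>.
      */
     $url = urldecode($url);
     $url = str_replace(' ', '_', $url);
     $url = preg_replace_callback('#://([^/]+)/([^?]+)#', function ($match) {
         return '://' . $match[1] . '/' . join('/', array_map('rawurlencode', explode('/', $match[2])));
     }, $url);
     /* NOTE(review): the URL read from the file is not compared with the
      * configured hosts; only the frame-src list below limits what the
      * browser may load. Confirm the 'viewer' template escapes it.
      */
     $params = ['urlGenerator' => $this->urlGenerator, 'url' => $url, 'title' => $title];
     $response = new TemplateResponse($this->appName, 'viewer', $params, 'blank');
     /* Allow the Etherpad and Ethercalc domains in the
      * Content-Security-Policy frame list.
      *
      * This feature was introduced in ownCloud 8.1.
      */
     $policy = new ContentSecurityPolicy();
     $appConfig = \OC::$server->getAppConfig();
     foreach (['ownpad_etherpad_host', 'ownpad_ethercalc_host'] as $hostKey) {
         $host = $appConfig->getValue('ownpad', $hostKey, '');
         /* An unset host is skipped so that no empty source is registered. */
         if ($host !== '') {
             $policy->addAllowedFrameDomain($host);
         }
     }
     $response->setContentSecurityPolicy($policy);
     return $response;
 }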
Exemplo n.º 8
 /**
  * Render the documents overview page and attach a widened policy to it.
  *
  * Compared with a fresh ContentSecurityPolicy the response additionally
  * allows: two jQuery CDN URLs and 'unsafe-eval' for scripts and frames, a
  * WebSocket to port 9980 of the server name, images from anywhere, inline
  * scripts and data: fonts.
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  */
 public function index()
 {
     \OC::$server->getNavigationManager()->setActiveEntry('documents_index');

     $maxUploadFilesize = \OCP\Util::maxUploadFilesize("/");
     $templateVars = [
         'enable_previews' => $this->settings->getSystemValue('enable_previews', true),
         'useUnstable' => $this->settings->getAppValue('documents', 'unstable', 'false'),
         'savePath' => $this->settings->getUserValue($this->uid, 'documents', 'save_path', '/'),
         'uploadMaxFilesize' => $maxUploadFilesize,
         'uploadMaxHumanFilesize' => \OCP\Util::humanFileSize($maxUploadFilesize),
         'allowShareWithLink' => $this->settings->getAppValue('core', 'shareapi_allow_links', 'yes'),
     ];
     $page = new TemplateResponse('documents', 'documents', $templateVars);

     // One source list is reused for script-src and frame-src.
     // NOTE(review): 'unsafe-eval' is a script keyword and the two URLs are
     // script files fetched over cleartext http://, so this list looks
     // broader than the frame directive needs - confirm before narrowing.
     $sharedSources = '\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'';

     $csp = new ContentSecurityPolicy();
     $csp->addAllowedScriptDomain($sharedSources);
     $csp->addAllowedFrameDomain($sharedSources);
     // NOTE(review): depending on web-server configuration SERVER_NAME may
     // follow the request's Host header; confirm it is canonical before it is
     // written into a response header.
     $csp->addAllowedConnectDomain('ws://' . $_SERVER['SERVER_NAME'] . ':9980');
     // Images from any origin and inline scripts are allowed on this page.
     $csp->addAllowedImageDomain('*');
     $csp->allowInlineScript(true);
     $csp->addAllowedFontDomain('data:');
     $page->setContentSecurityPolicy($csp);

     return $page;
 }
 /**
  * Render the 'online' page in the 'blank' layout.
  *
  * Every source list set below is opened to '*' and inline scripts, inline
  * styles and eval are switched on, so the attached policy restricts next
  * to nothing for this page.
  *
  * NOTE(review): the page is public; consider listing only the origins the
  * embedded editor really needs instead of the wildcards.
  *
  * @PublicPage
  * @NoCSRFRequired
  *
  * @return TemplateResponse
  */
 public function showLibreOnline()
 {
     $page = new TemplateResponse($this->appName, 'online', ['urlGenerator' => $this->urlGenerator], 'blank');

     $csp = new ContentSecurityPolicy();

     // Wildcard for each source list, in the order the original set them.
     $csp->addAllowedChildSrcDomain('*');
     $csp->addAllowedScriptDomain('*');
     $csp->addAllowedConnectDomain('*');
     $csp->addAllowedStyleDomain('*');
     $csp->addAllowedMediaDomain('*');
     $csp->addAllowedFontDomain('*');
     $csp->addAllowedImageDomain('*');
     $csp->addAllowedFrameDomain('*');
     $csp->addAllowedObjectDomain('*');

     // Inline script, inline style and eval are all enabled.
     $csp->allowInlineScript(true);
     $csp->allowInlineStyle(true);
     $csp->allowEvalScript(true);

     $page->setContentSecurityPolicy($csp);
     return $page;
 }
Exemplo n.º 10
 /**
  * Render the public page of a link share.
  *
  * Looks the share up by its token, redirects to the authenticate route when
  * the share has a password and the visitor has not passed the check, and
  * otherwise fills the 'public' template. For a directory a read-only file
  * list is rendered as well. The response policy allows 'self' as frame
  * source.
  *
  * @PublicPage
  * @NoCSRFRequired
  *
  * @param string $token
  * @param string $path
  * @return TemplateResponse|RedirectResponse
  */
 public function showShare($token, $path = '')
 {
     // NOTE(review): presumably keeps this request from being attributed to a
     // logged-in user - confirm against OC_User.
     \OC_User::setIncognitoMode(true);
     // Check whether share exists
     $linkItem = Share::getShareByToken($token, false);
     if ($linkItem === false) {
         return new NotFoundResponse();
     }
     $shareOwner = $linkItem['uid_owner'];
     $originalSharePath = $this->getPath($token);
     // Share is password protected - check whether the user is permitted to access the share
     if (isset($linkItem['share_with']) && !Helper::authenticate($linkItem)) {
         return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
     }
     // $path is appended to the share root unchanged once isReadable() accepts it.
     // NOTE(review): this relies on Filesystem refusing traversal segments such
     // as "../" - confirm, since the page is public.
     if (Filesystem::isReadable($originalSharePath . $path)) {
         $getPath = Filesystem::normalizePath($path);
         $originalSharePath .= $path;
     } else {
         // NOTE(review): the class name has no leading backslash, so it resolves
         // through the file's namespace/imports - confirm OCP is imported.
         throw new OCP\Files\NotFoundException();
     }
     $file = basename($originalSharePath);
     // Values handed to the 'public' template.
     $shareTmpl = [];
     $shareTmpl['displayName'] = User::getDisplayName($shareOwner);
     $shareTmpl['filename'] = $file;
     $shareTmpl['directory_path'] = $linkItem['file_target'];
     $shareTmpl['mimetype'] = Filesystem::getMimeType($originalSharePath);
     $shareTmpl['previewSupported'] = \OC::$server->getPreviewManager()->isMimeSupported($shareTmpl['mimetype']);
     $shareTmpl['dirToken'] = $linkItem['token'];
     $shareTmpl['sharingToken'] = $token;
     $shareTmpl['server2serversharing'] = Helper::isOutgoingServer2serverShareEnabled();
     // The flag is passed as the string 'true'/'false', not as a boolean.
     $shareTmpl['protected'] = isset($linkItem['share_with']) ? 'true' : 'false';
     $shareTmpl['dir'] = '';
     $nonHumanFileSize = \OC\Files\Filesystem::filesize($originalSharePath);
     $shareTmpl['nonHumanFileSize'] = $nonHumanFileSize;
     $shareTmpl['fileSize'] = \OCP\Util::humanFileSize($nonHumanFileSize);
     // Show file list
     if (Filesystem::is_dir($originalSharePath)) {
         $shareTmpl['dir'] = $getPath;
         $maxUploadFilesize = Util::maxUploadFilesize($originalSharePath);
         $freeSpace = Util::freeSpace($originalSharePath);
         $uploadLimit = Util::uploadLimit();
         $folder = new Template('files', 'list', '');
         $folder->assign('dir', $getPath);
         $folder->assign('dirToken', $linkItem['token']);
         // The public list is read-only: READ permission, public upload 'no'.
         $folder->assign('permissions', \OCP\Constants::PERMISSION_READ);
         $folder->assign('isPublic', true);
         $folder->assign('publicUploadEnabled', 'no');
         $folder->assign('uploadMaxFilesize', $maxUploadFilesize);
         $folder->assign('uploadMaxHumanFilesize', OCP\Util::humanFileSize($maxUploadFilesize));
         $folder->assign('freeSpace', $freeSpace);
         $folder->assign('uploadLimit', $uploadLimit);
         // PHP upload limit
         $folder->assign('usedSpacePercent', 0);
         $folder->assign('trash', false);
         $shareTmpl['folder'] = $folder->fetchPage();
     }
     $shareTmpl['downloadURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.downloadShare', array('token' => $token));
     $shareTmpl['maxSizeAnimateGif'] = $this->config->getSystemValue('max_filesize_animated_gifs_public_sharing', 10);
     // Only 'self' is added to the frame sources of the public page.
     $csp = new OCP\AppFramework\Http\ContentSecurityPolicy();
     $csp->addAllowedFrameDomain('\'self\'');
     $response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
     $response->setContentSecurityPolicy($csp);
     return $response;
 }
Exemplo n.º 11
 /**
  * Render the main page of the files app.
  *
  * Registers the app's styles and scripts, redirects IE 8 requests that
  * carry dir/view query values to the hash form of the URL, renders the
  * content of every navigation item and returns the 'index' template. The
  * response policy allows 'self' as frame source.
  *
  * @NoCSRFRequired
  * @NoAdminRequired
  *
  * @param string $dir
  * @param string $view
  * @return TemplateResponse
  * @throws \OCP\Files\NotFoundException
  */
 public function index($dir = '', $view = '')
 {
     $nav = new \OCP\Template('files', 'appnavigation', '');
     // Load the files we need
     // NOTE(review): the registration order below is kept as is; it presumably
     // determines the order in which the scripts are loaded.
     \OCP\Util::addStyle('files', 'files');
     \OCP\Util::addStyle('files', 'upload');
     \OCP\Util::addStyle('files', 'mobile');
     \OCP\Util::addscript('files', 'app');
     \OCP\Util::addscript('files', 'file-upload');
     \OCP\Util::addscript('files', 'newfilemenu');
     \OCP\Util::addscript('files', 'jquery.iframe-transport');
     \OCP\Util::addscript('files', 'jquery.fileupload');
     \OCP\Util::addscript('files', 'jquery-visibility');
     \OCP\Util::addscript('files', 'fileinfomodel');
     \OCP\Util::addscript('files', 'filesummary');
     \OCP\Util::addscript('files', 'breadcrumb');
     \OCP\Util::addscript('files', 'filelist');
     \OCP\Util::addscript('files', 'search');
     \OCP\Util::addScript('files', 'favoritesfilelist');
     \OCP\Util::addScript('files', 'tagsplugin');
     \OCP\Util::addScript('files', 'favoritesplugin');
     \OCP\Util::addScript('files', 'detailfileinfoview');
     \OCP\Util::addScript('files', 'detailtabview');
     \OCP\Util::addScript('files', 'mainfileinfodetailview');
     \OCP\Util::addScript('files', 'detailsview');
     \OCP\Util::addStyle('files', 'detailsView');
     \OC_Util::addVendorScript('core', 'handlebars/handlebars');
     \OCP\Util::addscript('files', 'fileactions');
     \OCP\Util::addscript('files', 'fileactionsmenu');
     \OCP\Util::addscript('files', 'files');
     \OCP\Util::addscript('files', 'keyboardshortcuts');
     \OCP\Util::addscript('files', 'navigation');
     // if IE8 and "?dir=path&view=someview" was specified, reformat the URL to use a hash like "#?dir=path&view=someview"
     $isIE8 = $this->request->isUserAgent([Request::USER_AGENT_IE_8]);
     if ($isIE8 && ($dir !== '' || $view !== '')) {
         // empty() also treats the string '0' as missing, so it is replaced too.
         $dir = !empty($dir) ? $dir : '/';
         $view = !empty($view) ? $view : 'files';
         // Both caller-supplied values are encoded before they enter the redirect URL.
         $hash = '#?dir=' . \OCP\Util::encodePath($dir);
         if ($view !== 'files') {
             $hash .= '&view=' . urlencode($view);
         }
         return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index') . $hash);
     }
     // mostly for the home storage's free space
     // FIXME: Make non static
     $storageInfo = $this->getStorageInfo();
     \OCA\Files\App::getNavigationManager()->add(['id' => 'favorites', 'appname' => 'files', 'script' => 'simplelist.php', 'order' => 5, 'name' => $this->l10n->t('Favorites')]);
     $navItems = \OCA\Files\App::getNavigationManager()->getAll();
     // Sort the navigation entries ascending by their 'order' value.
     usort($navItems, function ($item1, $item2) {
         return $item1['order'] - $item2['order'];
     });
     $nav->assign('navigationItems', $navItems);
     $contentItems = [];
     // render the container content for every navigation item
     foreach ($navItems as $item) {
         $content = '';
         if (isset($item['script'])) {
             $content = $this->renderScript($item['appname'], $item['script']);
         }
         $contentItem = [];
         $contentItem['id'] = $item['id'];
         $contentItem['content'] = $content;
         $contentItems[] = $contentItem;
     }
     // Dispatched so that listeners can register further scripts (per the event name).
     $this->eventDispatcher->dispatch('OCA\\Files::loadAdditionalScripts');
     $params = [];
     $params['usedSpacePercent'] = (int) $storageInfo['relative'];
     $params['owner'] = $storageInfo['owner'];
     $params['ownerDisplayName'] = $storageInfo['ownerDisplayName'];
     $params['isPublic'] = false;
     $params['mailNotificationEnabled'] = $this->config->getAppValue('core', 'shareapi_allow_mail_notification', 'no');
     $params['mailPublicNotificationEnabled'] = $this->config->getAppValue('core', 'shareapi_allow_public_notification', 'no');
     $params['allowShareWithLink'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes');
     $params['appNavigation'] = $nav;
     $params['appContents'] = $contentItems;
     $this->navigationManager->setActiveEntry('files_index');
     $response = new TemplateResponse($this->appName, 'index', $params);
     // Only 'self' is added to the frame sources of the files page.
     $policy = new ContentSecurityPolicy();
     $policy->addAllowedFrameDomain('\'self\'');
     $response->setContentSecurityPolicy($policy);
     return $response;
 }
Exemplo n.º 12
 /**
  * Render the public page of a link share, using the share manager and the
  * node API.
  *
  * Returns a NotFoundResponse for an unknown token, redirects to the
  * authenticate route when the share has a password and linkShareAuth()
  * fails, and otherwise fills the 'public' template. For a folder share a
  * read-only file list is rendered as well. The response policy allows
  * 'self' as frame source.
  *
  * @PublicPage
  * @NoCSRFRequired
  *
  * @param string $token
  * @param string $path
  * @return TemplateResponse|RedirectResponse
  * @throws NotFoundException
  */
 public function showShare($token, $path = '')
 {
     // NOTE(review): presumably keeps this request from being attributed to a
     // logged-in user - confirm against OC_User.
     \OC_User::setIncognitoMode(true);
     // Check whether share exists
     try {
         $share = $this->shareManager->getShareByToken($token);
     } catch (\OC\Share20\Exception\ShareNotFound $e) {
         return new NotFoundResponse();
     }
     // Share is password protected - check whether the user is permitted to access the share
     if ($share->getPassword() !== null && !$this->linkShareAuth($share)) {
         return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
     }
     // We can't get the path of a file share
     if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
         throw new NotFoundException();
     }
     $rootFolder = null;
     if ($share->getNode() instanceof \OCP\Files\Folder) {
         /** @var \OCP\Files\Folder $rootFolder */
         $rootFolder = $share->getNode();
         try {
             // From here on $path holds the node returned by get(), no longer the string.
             // NOTE(review): confirm get() cannot resolve a caller-supplied path to
             // a node outside the shared folder.
             $path = $rootFolder->get($path);
         } catch (\OCP\Files\NotFoundException $e) {
             throw new NotFoundException();
         }
     }
     // Values handed to the 'public' template.
     $shareTmpl = [];
     $shareTmpl['displayName'] = $share->getShareOwner()->getDisplayName();
     $shareTmpl['owner'] = $share->getShareOwner()->getUID();
     $shareTmpl['filename'] = $share->getNode()->getName();
     $shareTmpl['directory_path'] = $share->getTarget();
     $shareTmpl['mimetype'] = $share->getNode()->getMimetype();
     $shareTmpl['previewSupported'] = $this->previewManager->isMimeSupported($share->getNode()->getMimetype());
     $shareTmpl['dirToken'] = $token;
     $shareTmpl['sharingToken'] = $token;
     $shareTmpl['server2serversharing'] = Helper::isOutgoingServer2serverShareEnabled();
     // The flag is passed as the string 'true'/'false', not as a boolean.
     $shareTmpl['protected'] = $share->getPassword() !== null ? 'true' : 'false';
     $shareTmpl['dir'] = '';
     $shareTmpl['nonHumanFileSize'] = $share->getNode()->getSize();
     $shareTmpl['fileSize'] = \OCP\Util::humanFileSize($share->getNode()->getSize());
     // Show file list
     if ($share->getNode() instanceof \OCP\Files\Folder) {
         $shareTmpl['dir'] = $rootFolder->getRelativePath($path->getPath());
         /*
          * The OC_Util methods require a view. This just uses the node API
          */
         $freeSpace = $share->getNode()->getStorage()->free_space($share->getNode()->getInternalPath());
         if ($freeSpace !== \OCP\Files\FileInfo::SPACE_UNKNOWN) {
             // A known value is clamped so it is never negative.
             $freeSpace = max($freeSpace, 0);
         } else {
             $freeSpace = INF > 0 ? INF : PHP_INT_MAX;
             // work around https://bugs.php.net/bug.php?id=69188
         }
         $uploadLimit = Util::uploadLimit();
         $maxUploadFilesize = min($freeSpace, $uploadLimit);
         $folder = new Template('files', 'list', '');
         $folder->assign('dir', $rootFolder->getRelativePath($path->getPath()));
         $folder->assign('dirToken', $token);
         // The public list is read-only: READ permission, public upload 'no'.
         $folder->assign('permissions', \OCP\Constants::PERMISSION_READ);
         $folder->assign('isPublic', true);
         $folder->assign('publicUploadEnabled', 'no');
         $folder->assign('uploadMaxFilesize', $maxUploadFilesize);
         // NOTE(review): the class name has no leading backslash, so it resolves
         // through the file's namespace/imports - confirm OCP is imported.
         $folder->assign('uploadMaxHumanFilesize', OCP\Util::humanFileSize($maxUploadFilesize));
         $folder->assign('freeSpace', $freeSpace);
         $folder->assign('uploadLimit', $uploadLimit);
         // PHP upload limit
         $folder->assign('usedSpacePercent', 0);
         $folder->assign('trash', false);
         $shareTmpl['folder'] = $folder->fetchPage();
     }
     $shareTmpl['downloadURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.downloadShare', array('token' => $token));
     $shareTmpl['maxSizeAnimateGif'] = $this->config->getSystemValue('max_filesize_animated_gifs_public_sharing', 10);
     $shareTmpl['previewEnabled'] = $this->config->getSystemValue('enable_previews', true);
     // Only 'self' is added to the frame sources of the public page.
     $csp = new OCP\AppFramework\Http\ContentSecurityPolicy();
     $csp->addAllowedFrameDomain('\'self\'');
     $response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
     $response->setContentSecurityPolicy($csp);
     return $response;
 }
Exemplo n.º 13
 /**
  * With a user agent that is not IE 8, index() must return the regular
  * template response (no redirect) with a policy that adds 'self' to the
  * frame sources.
  */
 public function testIndexWithRegularBrowser()
 {
     $this->request->expects($this->once())
         ->method('isUserAgent')
         ->with(['/MSIE 8.0/'])
         ->will($this->returnValue(false));
     $this->viewController->expects($this->once())
         ->method('getStorageInfo')
         ->will($this->returnValue([
             'relative' => 123,
             'owner' => 'MyName',
             'ownerDisplayName' => 'MyDisplayName',
         ]));
     // Every app value resolves to the default passed as third argument.
     $this->config->expects($this->any())
         ->method('getAppValue')
         ->will($this->returnArgument(2));

     $navigation = new Template('files', 'appnavigation');
     $navigation->assign('navigationItems', [
         [
             'id' => 'files',
             'appname' => 'files',
             'script' => 'list.php',
             'order' => 0,
             'name' => new \OC_L10N_String(new \OC_L10N('files'), 'All files', []),
             'active' => false,
             'icon' => '',
         ],
         [
             'id' => 'favorites',
             'appname' => 'files',
             'script' => 'simplelist.php',
             'order' => 5,
             'name' => null,
             'active' => false,
             'icon' => '',
         ],
         [
             'id' => 'sharingin',
             'appname' => 'files_sharing',
             'script' => 'list.php',
             'order' => 10,
             'name' => new \OC_L10N_String(new \OC_L10N('files_sharing'), 'Shared with you', []),
             'active' => false,
             'icon' => '',
         ],
         [
             'id' => 'sharingout',
             'appname' => 'files_sharing',
             'script' => 'list.php',
             'order' => 15,
             'name' => new \OC_L10N_String(new \OC_L10N('files_sharing'), 'Shared with others', []),
             'active' => false,
             'icon' => '',
         ],
         [
             'id' => 'sharinglinks',
             'appname' => 'files_sharing',
             'script' => 'list.php',
             'order' => 20,
             'name' => new \OC_L10N_String(new \OC_L10N('files_sharing'), 'Shared by link', []),
             'active' => false,
             'icon' => '',
         ],
         [
             'id' => 'trashbin',
             'appname' => 'files_trashbin',
             'script' => 'list.php',
             'order' => 50,
             'name' => new \OC_L10N_String(new \OC_L10N('files_trashbin'), 'Deleted files', []),
             'active' => false,
             'icon' => '',
         ],
     ]);

     $expectedResponse = new Http\TemplateResponse('files', 'index', [
         'usedSpacePercent' => 123,
         'owner' => 'MyName',
         'ownerDisplayName' => 'MyDisplayName',
         'isPublic' => false,
         'mailNotificationEnabled' => 'no',
         'mailPublicNotificationEnabled' => 'no',
         'allowShareWithLink' => 'yes',
         'appNavigation' => $navigation,
         'appContents' => [
             ['id' => 'files', 'content' => null],
             ['id' => 'favorites', 'content' => null],
             ['id' => 'sharingin', 'content' => null],
             ['id' => 'sharingout', 'content' => null],
             ['id' => 'sharinglinks', 'content' => null],
             ['id' => 'trashbin', 'content' => null],
         ],
     ]);

     // The controller is expected to attach exactly this policy.
     $expectedPolicy = new Http\ContentSecurityPolicy();
     $expectedPolicy->addAllowedFrameDomain('\'self\'');
     $expectedResponse->setContentSecurityPolicy($expectedPolicy);

     $this->assertEquals($expectedResponse, $this->viewController->index('MyDir', 'MyView'));
 }
Exemplo n.º 14
 /**
  * Render the richdocuments overview page.
  *
  * The configured wopi_url must parse into at least a scheme and a host;
  * otherwise an error response is returned. From it a ws:// or wss://
  * WebSocket origin is derived, handed to the template as 'wopi_url' and
  * allowed as connect source. The raw wopi_url is appended to the script,
  * frame and child source lists.
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  */
 public function index()
 {
     $wopiRemote = $this->appConfig->getAppValue('wopi_url');
     $parts = parse_url($wopiRemote);
     if (!$parts || !isset($parts['scheme']) || !isset($parts['host'])) {
         return $this->responseError(
             $this->l10n->t('Collabora Online: Invalid URL "%s".', array($wopiRemote)),
             $this->l10n->t('Please ask your administrator to check the Collabora Online server setting.')
         );
     }

     // https maps to wss://, every other scheme to ws://.
     $wsScheme = $parts['scheme'] == "https" ? "wss://" : "ws://";
     $portSuffix = isset($parts['port']) ? ":" . $parts['port'] : "";
     $webSocket = $wsScheme . $parts['host'] . $portSuffix;

     \OC::$server->getNavigationManager()->setActiveEntry('richdocuments_index');

     $maxUploadFilesize = \OCP\Util::maxUploadFilesize("/");
     $templateVars = [
         'enable_previews' => $this->settings->getSystemValue('enable_previews', true),
         'uploadMaxFilesize' => $maxUploadFilesize,
         'uploadMaxHumanFilesize' => \OCP\Util::humanFileSize($maxUploadFilesize),
         'allowShareWithLink' => $this->settings->getAppValue('core', 'shareapi_allow_links', 'yes'),
         'wopi_url' => $webSocket,
     ];
     $page = new TemplateResponse('richdocuments', 'documents', $templateVars);

     // One source list is shared by script-src, frame-src and child-src.
     // NOTE(review): $wopiRemote is appended as configured; only scheme and
     // host presence were checked above, so confirm the stored value cannot
     // contain characters that would alter the header. 'unsafe-eval' is a
     // script keyword and the two jQuery URLs are cleartext http:// sources.
     $sharedSources = '\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\' ' . $wopiRemote;

     $csp = new ContentSecurityPolicy();
     $csp->addAllowedScriptDomain($sharedSources);
     /* frame-src is deprecated on Firefox, but Safari wants it! */
     $csp->addAllowedFrameDomain($sharedSources);
     $csp->addAllowedChildSrcDomain($sharedSources);
     $csp->addAllowedConnectDomain($webSocket);
     // Images from any origin and inline scripts are allowed on this page.
     $csp->addAllowedImageDomain('*');
     $csp->allowInlineScript(true);
     $csp->addAllowedFontDomain('data:');
     $page->setContentSecurityPolicy($csp);

     return $page;
 }