MichaIng
MichaIng
I guess this means to re-open this issue for discussion, doesn't it? Currently the nonce is still only used based on a whitelist: - https://github.com/nextcloud/server/blob/215aef3/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php#L74-L76 - https://github.com/nextcloud/server/blob/215aef3/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php#L80-L95 If compatibility with...
This should be the relevant support list: https://caniuse.com/contentsecuritypolicy2 It also shows the broken nonce support in old Edge. The info regarding Opera Mini is almost always wrong, as it is...
Here is an example about how to define a nonce in an inline CSS block, and a related CSP rule, to block `unsafe-line` CSS, but only allow those with this...
> I am to n00b to have an idea how to put this in our login flow. I was just thinking to test this outside of Nextcloud, with a single...
I mean it is of course possible that people run older webview on newer Android, theoretically. Let's see Chromium (=webview) and Android release dates: - https://www.chromium.org/developers/calendar/#previous-release-information - https://en.wikipedia.org/wiki/Android_version_history#Android_6.0_Marshmallow So oldest...
@SystemKeeper Test it with the website I posted above: https://dietpi.com/nonce/ No need to wait for a PR.
Would be great to allow logging to STDOUT indeed. When starting Cuberite via systemd service, logs are done to syslog/journal, quite common for systemd services. _It would be also great...
systemd services run processes preferably in foreground, which makes status and exit code tracking more accurate. It is important to have an independant daemon mode (i.e. background forking) flag, bit...
For me it is as well the first JPEG I see breaking, so I have no other example. Out of interest, I saved the file again with GIMP, removing some...
Would be helpful if you could link the PR. Probably we find a pattern in the JPEG which is falsely "optimised" by the library/tool ImgBot uses.