From 71cf92697cf1632803e9e57629504871cad549da Mon Sep 17 00:00:00 2001
From: Thomas Citharel <github@tcit.fr>
Date: Sat, 12 Dec 2020 21:11:42 +0100
Subject: [PATCH] Update comment to reflect current CSP policy

JS unsafe-eval was removed a long time ago in https://github.com/nextcloud/server/pull/11028
---
 lib/public/AppFramework/Http/ContentSecurityPolicy.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
index 3a9ab8f8c15..20263769630 100644
--- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
@@ -36,7 +36,7 @@ namespace OCP\AppFramework\Http;
  * notice that Nextcloud ships already with sensible defaults and those policies
  * should require no modification at all for most use-cases.
  *
- * This class allows unsafe-eval of javascript and unsafe-inline of CSS.
+ * This class allows unsafe-inline of CSS.
  *
  * @since 8.1.0
  */
-- 
GitLab