diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
index 22909fe1712519ada833a96e42a11f07133b86a6..53d51e998f2c9fccea9fc8093014ef9a3b474439 100644
--- a/lib/composer/composer/autoload_classmap.php
+++ b/lib/composer/composer/autoload_classmap.php
@@ -37,6 +37,8 @@ return array(
'OCP\\AppFramework\\Http\\DataResponse' => $baseDir . '/lib/public/AppFramework/Http/DataResponse.php',
'OCP\\AppFramework\\Http\\DownloadResponse' => $baseDir . '/lib/public/AppFramework/Http/DownloadResponse.php',
'OCP\\AppFramework\\Http\\EmptyContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php',
+ 'OCP\\AppFramework\\Http\\EmptyFeaturePolicy' => $baseDir . '/lib/public/AppFramework/Http/EmptyFeaturePolicy.php',
+ 'OCP\\AppFramework\\Http\\FeaturePolicy' => $baseDir . '/lib/public/AppFramework/Http/FeaturePolicy.php',
'OCP\\AppFramework\\Http\\FileDisplayResponse' => $baseDir . '/lib/public/AppFramework/Http/FileDisplayResponse.php',
'OCP\\AppFramework\\Http\\ICallbackResponse' => $baseDir . '/lib/public/AppFramework/Http/ICallbackResponse.php',
'OCP\\AppFramework\\Http\\IOutput' => $baseDir . '/lib/public/AppFramework/Http/IOutput.php',
@@ -380,6 +382,7 @@ return array(
'OCP\\Search\\Provider' => $baseDir . '/lib/public/Search/Provider.php',
'OCP\\Search\\Result' => $baseDir . '/lib/public/Search/Result.php',
'OCP\\Security\\CSP\\AddContentSecurityPolicyEvent' => $baseDir . '/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php',
+ 'OCP\\Security\\FeaturePolicy\\AddFeaturePolicyEvent' => $baseDir . '/lib/public/Security/FeaturePolicy/AddFeaturePolicyEvent.php',
'OCP\\Security\\IContentSecurityPolicyManager' => $baseDir . '/lib/public/Security/IContentSecurityPolicyManager.php',
'OCP\\Security\\ICredentialsManager' => $baseDir . '/lib/public/Security/ICredentialsManager.php',
'OCP\\Security\\ICrypto' => $baseDir . '/lib/public/Security/ICrypto.php',
@@ -470,6 +473,7 @@ return array(
'OC\\AppFramework\\Middleware\\Security\\Exceptions\\ReloadExecutionException' => $baseDir . '/lib/private/AppFramework/Middleware/Security/Exceptions/ReloadExecutionException.php',
'OC\\AppFramework\\Middleware\\Security\\Exceptions\\SecurityException' => $baseDir . '/lib/private/AppFramework/Middleware/Security/Exceptions/SecurityException.php',
'OC\\AppFramework\\Middleware\\Security\\Exceptions\\StrictCookieMissingException' => $baseDir . '/lib/private/AppFramework/Middleware/Security/Exceptions/StrictCookieMissingException.php',
+ 'OC\\AppFramework\\Middleware\\Security\\FeaturePolicyMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/FeaturePolicyMiddleware.php',
'OC\\AppFramework\\Middleware\\Security\\PasswordConfirmationMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php',
'OC\\AppFramework\\Middleware\\Security\\RateLimitingMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php',
'OC\\AppFramework\\Middleware\\Security\\ReloadExecutionMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/ReloadExecutionMiddleware.php',
@@ -1107,6 +1111,8 @@ return array(
'OC\\Security\\CertificateManager' => $baseDir . '/lib/private/Security/CertificateManager.php',
'OC\\Security\\CredentialsManager' => $baseDir . '/lib/private/Security/CredentialsManager.php',
'OC\\Security\\Crypto' => $baseDir . '/lib/private/Security/Crypto.php',
+ 'OC\\Security\\FeaturePolicy\\FeaturePolicy' => $baseDir . '/lib/private/Security/FeaturePolicy/FeaturePolicy.php',
+ 'OC\\Security\\FeaturePolicy\\FeaturePolicyManager' => $baseDir . '/lib/private/Security/FeaturePolicy/FeaturePolicyManager.php',
'OC\\Security\\Hasher' => $baseDir . '/lib/private/Security/Hasher.php',
'OC\\Security\\IdentityProof\\Key' => $baseDir . '/lib/private/Security/IdentityProof/Key.php',
'OC\\Security\\IdentityProof\\Manager' => $baseDir . '/lib/private/Security/IdentityProof/Manager.php',
diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
index 4ddbc050e5097498db7883fd3bda1757db238ea9..058cede07d9a09300f58380c8a824965ed43ce2c 100644
--- a/lib/composer/composer/autoload_static.php
+++ b/lib/composer/composer/autoload_static.php
@@ -71,6 +71,8 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OCP\\AppFramework\\Http\\DataResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/DataResponse.php',
'OCP\\AppFramework\\Http\\DownloadResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/DownloadResponse.php',
'OCP\\AppFramework\\Http\\EmptyContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php',
+ 'OCP\\AppFramework\\Http\\EmptyFeaturePolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/EmptyFeaturePolicy.php',
+ 'OCP\\AppFramework\\Http\\FeaturePolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/FeaturePolicy.php',
'OCP\\AppFramework\\Http\\FileDisplayResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/FileDisplayResponse.php',
'OCP\\AppFramework\\Http\\ICallbackResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/ICallbackResponse.php',
'OCP\\AppFramework\\Http\\IOutput' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/IOutput.php',
@@ -414,6 +416,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OCP\\Search\\Provider' => __DIR__ . '/../../..' . '/lib/public/Search/Provider.php',
'OCP\\Search\\Result' => __DIR__ . '/../../..' . '/lib/public/Search/Result.php',
'OCP\\Security\\CSP\\AddContentSecurityPolicyEvent' => __DIR__ . '/../../..' . '/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php',
+ 'OCP\\Security\\FeaturePolicy\\AddFeaturePolicyEvent' => __DIR__ . '/../../..' . '/lib/public/Security/FeaturePolicy/AddFeaturePolicyEvent.php',
'OCP\\Security\\IContentSecurityPolicyManager' => __DIR__ . '/../../..' . '/lib/public/Security/IContentSecurityPolicyManager.php',
'OCP\\Security\\ICredentialsManager' => __DIR__ . '/../../..' . '/lib/public/Security/ICredentialsManager.php',
'OCP\\Security\\ICrypto' => __DIR__ . '/../../..' . '/lib/public/Security/ICrypto.php',
@@ -504,6 +507,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OC\\AppFramework\\Middleware\\Security\\Exceptions\\ReloadExecutionException' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/Exceptions/ReloadExecutionException.php',
'OC\\AppFramework\\Middleware\\Security\\Exceptions\\SecurityException' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/Exceptions/SecurityException.php',
'OC\\AppFramework\\Middleware\\Security\\Exceptions\\StrictCookieMissingException' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/Exceptions/StrictCookieMissingException.php',
+ 'OC\\AppFramework\\Middleware\\Security\\FeaturePolicyMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/FeaturePolicyMiddleware.php',
'OC\\AppFramework\\Middleware\\Security\\PasswordConfirmationMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php',
'OC\\AppFramework\\Middleware\\Security\\RateLimitingMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php',
'OC\\AppFramework\\Middleware\\Security\\ReloadExecutionMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/ReloadExecutionMiddleware.php',
@@ -1141,6 +1145,8 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OC\\Security\\CertificateManager' => __DIR__ . '/../../..' . '/lib/private/Security/CertificateManager.php',
'OC\\Security\\CredentialsManager' => __DIR__ . '/../../..' . '/lib/private/Security/CredentialsManager.php',
'OC\\Security\\Crypto' => __DIR__ . '/../../..' . '/lib/private/Security/Crypto.php',
+ 'OC\\Security\\FeaturePolicy\\FeaturePolicy' => __DIR__ . '/../../..' . '/lib/private/Security/FeaturePolicy/FeaturePolicy.php',
+ 'OC\\Security\\FeaturePolicy\\FeaturePolicyManager' => __DIR__ . '/../../..' . '/lib/private/Security/FeaturePolicy/FeaturePolicyManager.php',
'OC\\Security\\Hasher' => __DIR__ . '/../../..' . '/lib/private/Security/Hasher.php',
'OC\\Security\\IdentityProof\\Key' => __DIR__ . '/../../..' . '/lib/private/Security/IdentityProof/Key.php',
'OC\\Security\\IdentityProof\\Manager' => __DIR__ . '/../../..' . '/lib/private/Security/IdentityProof/Manager.php',
diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php
index f47af340b38f0086cebecae0757ae401a6f3e5f2..89ebc60b226d8336bd69124e0ef3bbebbc54239e 100644
--- a/lib/private/AppFramework/DependencyInjection/DIContainer.php
+++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php
@@ -231,6 +231,9 @@ class DIContainer extends SimpleContainer implements IAppContainer {
$server->query(OC\Security\CSRF\CsrfTokenManager::class)
)
);
+ $dispatcher->registerMiddleware(
+ $server->query(OC\AppFramework\Middleware\Security\FeaturePolicyMiddleware::class)
+ );
$dispatcher->registerMiddleware(
new OC\AppFramework\Middleware\Security\PasswordConfirmationMiddleware(
$c->query(IControllerMethodReflector::class),
diff --git a/lib/private/AppFramework/Middleware/Security/FeaturePolicyMiddleware.php b/lib/private/AppFramework/Middleware/Security/FeaturePolicyMiddleware.php
new file mode 100644
index 0000000000000000000000000000000000000000..9a125edcd9c9acf6ef40d5591d0e84d49dfe006f
--- /dev/null
+++ b/lib/private/AppFramework/Middleware/Security/FeaturePolicyMiddleware.php
@@ -0,0 +1,70 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\AppFramework\Middleware\Security;
+
+use OC\Security\CSP\ContentSecurityPolicyManager;
+use OC\Security\CSP\ContentSecurityPolicyNonceManager;
+use OC\Security\CSRF\CsrfTokenManager;
+use OC\Security\FeaturePolicy\FeaturePolicy;
+use OC\Security\FeaturePolicy\FeaturePolicyManager;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\ContentSecurityPolicy;
+use OCP\AppFramework\Http\EmptyContentSecurityPolicy;
+use OCP\AppFramework\Http\EmptyFeaturePolicy;
+use OCP\AppFramework\Http\Response;
+use OCP\AppFramework\Middleware;
+
+class FeaturePolicyMiddleware extends Middleware {
+
+ /** @var FeaturePolicyManager */
+ private $policyManager;
+
+ public function __construct(FeaturePolicyManager $policyManager) {
+ $this->policyManager = $policyManager;
+ }
+
+ /**
+ * Performs the default FeaturePolicy modifications that may be injected by other
+ * applications
+ *
+ * @param Controller $controller
+ * @param string $methodName
+ * @param Response $response
+ * @return Response
+ */
+ public function afterController($controller, $methodName, Response $response): Response {
+ $policy = !is_null($response->getFeaturePolicy()) ? $response->getFeaturePolicy() : new FeaturePolicy();
+
+ if (get_class($policy) === EmptyFeaturePolicy::class) {
+ return $response;
+ }
+
+ $defaultPolicy = $this->policyManager->getDefaultPolicy();
+ $defaultPolicy = $this->policyManager->mergePolicies($defaultPolicy, $policy);
+ $response->setFeaturePolicy($defaultPolicy);
+
+ return $response;
+ }
+}
diff --git a/lib/private/AppFramework/OCS/BaseResponse.php b/lib/private/AppFramework/OCS/BaseResponse.php
index b27784cfcf2ddd2a651c1cf30643af992dfc63c3..90ea084dd99f1b0553d08387769bfdfaf2b64bfe 100644
--- a/lib/private/AppFramework/OCS/BaseResponse.php
+++ b/lib/private/AppFramework/OCS/BaseResponse.php
@@ -57,6 +57,8 @@ abstract class BaseResponse extends Response {
$statusMessage = null,
$itemsCount = null,
$itemsPerPage = null) {
+ parent::__construct();
+
$this->format = $format;
$this->statusMessage = $statusMessage;
$this->itemsCount = $itemsCount;
@@ -69,7 +71,6 @@ abstract class BaseResponse extends Response {
$this->setETag($dataResponse->getETag());
$this->setLastModified($dataResponse->getLastModified());
$this->setCookies($dataResponse->getCookies());
- $this->setContentSecurityPolicy(new EmptyContentSecurityPolicy());
if ($format === 'json') {
$this->addHeader(
diff --git a/lib/private/Security/FeaturePolicy/FeaturePolicy.php b/lib/private/Security/FeaturePolicy/FeaturePolicy.php
new file mode 100644
index 0000000000000000000000000000000000000000..bcfb02bf7c2cc08af61fa66bcb39e13b1922861d
--- /dev/null
+++ b/lib/private/Security/FeaturePolicy/FeaturePolicy.php
@@ -0,0 +1,76 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Security\FeaturePolicy;
+
+class FeaturePolicy extends \OCP\AppFramework\Http\FeaturePolicy {
+
+ public function getAutoplayDomains(): array {
+ return $this->autoplayDomains;
+ }
+
+ public function setAutoplayDomains(array $autoplayDomains): void {
+ $this->autoplayDomains = $autoplayDomains;
+ }
+
+ public function getCameraDomains(): array {
+ return $this->cameraDomains;
+ }
+
+ public function setCameraDomains(array $cameraDomains): void {
+ $this->cameraDomains = $cameraDomains;
+ }
+
+ public function getFullscreenDomains(): array {
+ return $this->fullscreenDomains;
+ }
+
+ public function setFullscreenDomains(array $fullscreenDomains): void {
+ $this->fullscreenDomains = $fullscreenDomains;
+ }
+
+ public function getGeolocationDomains(): array {
+ return $this->geolocationDomains;
+ }
+
+ public function setGeolocationDomains(array $geolocationDomains): void {
+ $this->geolocationDomains = $geolocationDomains;
+ }
+
+ public function getMicrophoneDomains(): array {
+ return $this->microphoneDomains;
+ }
+
+ public function setMicrophoneDomains(array $microphoneDomains): void {
+ $this->microphoneDomains = $microphoneDomains;
+ }
+
+ public function getPaymentDomains(): array {
+ return $this->paymentDomains;
+ }
+
+ public function setPaymentDomains(array $paymentDomains): void {
+ $this->paymentDomains = $paymentDomains;
+ }
+}
diff --git a/lib/private/Security/FeaturePolicy/FeaturePolicyManager.php b/lib/private/Security/FeaturePolicy/FeaturePolicyManager.php
new file mode 100644
index 0000000000000000000000000000000000000000..d5b04a6c16b9b67dfaf7b958c9adc4439dfba704
--- /dev/null
+++ b/lib/private/Security/FeaturePolicy/FeaturePolicyManager.php
@@ -0,0 +1,76 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Security\FeaturePolicy;
+
+use OCP\AppFramework\Http\EmptyFeaturePolicy;
+use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Security\FeaturePolicy\AddFeaturePolicyEvent;
+
+class FeaturePolicyManager {
+ /** @var EmptyFeaturePolicy[] */
+ private $policies = [];
+
+ /** @var IEventDispatcher */
+ private $dispatcher;
+
+ public function __construct(IEventDispatcher $dispatcher) {
+ $this->dispatcher = $dispatcher;
+ }
+
+ public function addDefaultPolicy(EmptyFeaturePolicy $policy): void {
+ $this->policies[] = $policy;
+ }
+
+ public function getDefaultPolicy(): FeaturePolicy {
+ $event = new AddFeaturePolicyEvent($this);
+ $this->dispatcher->dispatch(AddFeaturePolicyEvent::class, $event);
+
+ $defaultPolicy = new FeaturePolicy();
+ foreach ($this->policies as $policy) {
+ $defaultPolicy = $this->mergePolicies($defaultPolicy, $policy);
+ }
+ return $defaultPolicy;
+ }
+
+ /**
+ * Merges the first given policy with the second one
+ *
+ */
+ public function mergePolicies(FeaturePolicy $defaultPolicy,
+ EmptyFeaturePolicy $originalPolicy): FeaturePolicy {
+ foreach ((object)(array)$originalPolicy as $name => $value) {
+ $setter = 'set' . ucfirst($name);
+ if (\is_array($value)) {
+ $getter = 'get' . ucfirst($name);
+ $currentValues = \is_array($defaultPolicy->$getter()) ? $defaultPolicy->$getter() : [];
+ $defaultPolicy->$setter(\array_values(\array_unique(\array_merge($currentValues, $value))));
+ } elseif (\is_bool($value)) {
+ $defaultPolicy->$setter($value);
+ }
+ }
+
+ return $defaultPolicy;
+ }
+}
diff --git a/lib/public/AppFramework/Http/EmptyFeaturePolicy.php b/lib/public/AppFramework/Http/EmptyFeaturePolicy.php
new file mode 100644
index 0000000000000000000000000000000000000000..4b8a4f305319a51b7054aa58f38e919688eb702a
--- /dev/null
+++ b/lib/public/AppFramework/Http/EmptyFeaturePolicy.php
@@ -0,0 +1,183 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\AppFramework\Http;
+
+/**
+ * Class EmptyFeaturePolicy is a simple helper which allows applications
+ * to modify the FeaturePolicy sent by Nextcloud. Per default the policy
+ * is forbidding everything.
+ *
+ * As alternative with sane exemptions look at FeaturePolicy
+ *
+ * @see \OCP\AppFramework\Http\FeaturePolicy
+ * @package OCP\AppFramework\Http
+ * @since 17.0.0
+ */
+class EmptyFeaturePolicy {
+
+ /** @var string[] of allowed domains to autoplay media */
+ protected $autoplayDomains = null;
+
+ /** @var string[] of allowed domains that can access the camera */
+ protected $cameraDomains = null;
+
+ /** @var string[] of allowed domains that can use fullscreen */
+ protected $fullscreenDomains = null;
+
+ /** @var string[] of allowed domains that can use the geolocation of the device */
+ protected $geolocationDomains = null;
+
+ /** @var string[] of allowed domains that can use the microphone */
+ protected $microphoneDomains = null;
+
+ /** @var string[] of allowed domains that can use the payment API */
+ protected $paymentDomains = null;
+
+ /**
+ * Allows to use autoplay from a specific domain. Use * to allow from all domains.
+ *
+ * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+ * @return $this
+ * @since 17.0.0
+ */
+ public function addAllowedAutoplayDomain(string $domain): self {
+ $this->autoplayDomains[] = $domain;
+ return $this;
+ }
+
+ /**
+ * Allows to use the camera on a specific domain. Use * to allow from all domains
+ *
+ * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+ * @return $this
+ * @since 17.0.0
+ */
+ public function addAllowedCameraDomain(string $domain): self {
+ $this->cameraDomains[] = $domain;
+ return $this;
+ }
+
+ /**
+ * Allows the full screen functionality to be used on a specific domain. Use * to allow from all domains
+ *
+ * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+ * @return $this
+ * @since 17.0.0
+ */
+ public function addAllowedFullScreenDomain(string $domain): self {
+ $this->fullscreenDomains[] = $domain;
+ return $this;
+ }
+
+ /**
+ * Allows to use the geolocation on a specific domain. Use * to allow from all domains
+ *
+ * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+ * @return $this
+ * @since 17.0.0
+ */
+ public function addAllowedGeoLocationDomain(string $domain): self {
+ $this->geolocationDomains[] = $domain;
+ return $this;
+ }
+
+ /**
+ * Allows to use the microphone on a specific domain. Use * to allow from all domains
+ *
+ * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+ * @return $this
+ * @since 17.0.0
+ */
+ public function addAllowedMicrophoneDomain(string $domain): self {
+ $this->microphoneDomains[] = $domain;
+ return $this;
+ }
+
+ /**
+ * Allows to use the payment API on a specific domain. Use * to allow from all domains
+ *
+ * @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
+ * @return $this
+ * @since 17.0.0
+ */
+ public function addAllowedPaymentDomain(string $domain): self {
+ $this->paymentDomains[] = $domain;
+ return $this;
+ }
+
+ /**
+ * Get the generated Feature-Policy as a string
+ *
+ * @return string
+ * @since 17.0.0
+ */
+ public function buildPolicy(): string {
+ $policy = '';
+
+ if (empty($this->autoplayDomains)) {
+ $policy .= "autoplay 'none';";
+ } else {
+ $policy .= 'autoplay ' . implode(' ', $this->autoplayDomains);
+ $policy .= ';';
+ }
+
+ if (empty($this->cameraDomains)) {
+ $policy .= "camera 'none';";
+ } else {
+ $policy .= 'camera ' . implode(' ', $this->cameraDomains);
+ $policy .= ';';
+ }
+
+ if (empty($this->fullscreenDomains)) {
+ $policy .= "fullscreen 'none';";
+ } else {
+ $policy .= 'fullscreen ' . implode(' ', $this->fullscreenDomains);
+ $policy .= ';';
+ }
+
+ if (empty($this->geolocationDomains)) {
+ $policy .= "geolocation 'none';";
+ } else {
+ $policy .= 'geolocation ' . implode(' ', $this->geolocationDomains);
+ $policy .= ';';
+ }
+
+ if (empty($this->microphoneDomains)) {
+ $policy .= "microphone 'none';";
+ } else {
+ $policy .= 'microphone ' . implode(' ', $this->microphoneDomains);
+ $policy .= ';';
+ }
+
+ if (empty($this->paymentDomains)) {
+ $policy .= "payment 'none';";
+ } else {
+ $policy .= 'payment ' . implode(' ', $this->paymentDomains);
+ $policy .= ';';
+ }
+
+ return rtrim($policy, ';');
+ }
+}
diff --git a/lib/public/AppFramework/Http/FeaturePolicy.php b/lib/public/AppFramework/Http/FeaturePolicy.php
new file mode 100644
index 0000000000000000000000000000000000000000..98cfae8b2f9873bf38eada32f0d7653ba2ed1060
--- /dev/null
+++ b/lib/public/AppFramework/Http/FeaturePolicy.php
@@ -0,0 +1,59 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\AppFramework\Http;
+
+/**
+ * Class FeaturePolicy is a simple helper which allows applications to
+ * modify the Feature-Policy sent by Nextcloud. Per default only autoplay is allowed
+ * from the same domain and full screen as well from the same domain.
+ *
+ * Even if a value gets modified above defaults will still get appended. Please
+ * notice that Nextcloud ships already with sensible defaults and those policies
+ * should require no modification at all for most use-cases.
+ *
+ * @package OCP\AppFramework\Http
+ * @since 17.0.0
+ */
+class FeaturePolicy extends EmptyFeaturePolicy {
+ protected $autoplayDomains = [
+ '\'self\'',
+ ];
+
+ /** @var string[] of allowed domains that can access the camera */
+ protected $cameraDomains = [];
+
+ protected $fullscreenDomains = [
+ '\'self\'',
+ ];
+
+ /** @var string[] of allowed domains that can use the geolocation of the device */
+ protected $geolocationDomains = [];
+
+ /** @var string[] of allowed domains that can use the microphone */
+ protected $microphoneDomains = [];
+
+ /** @var string[] of allowed domains that can use the payment API */
+ protected $paymentDomains = [];
+}
diff --git a/lib/public/AppFramework/Http/Response.php b/lib/public/AppFramework/Http/Response.php
index 98c0a7f5f70cfb185170c966e3aa6bed3a6452bc..bfee7d51549bcf6b270b815dd7cccac9a94cb627 100644
--- a/lib/public/AppFramework/Http/Response.php
+++ b/lib/public/AppFramework/Http/Response.php
@@ -84,6 +84,9 @@ class Response {
/** @var ContentSecurityPolicy|null Used Content-Security-Policy */
private $contentSecurityPolicy = null;
+ /** @var FeaturePolicy */
+ private $featurePolicy;
+
/** @var bool */
private $throttled = false;
/** @var array */
@@ -96,6 +99,7 @@ class Response {
*/
public function __construct() {
$this->setContentSecurityPolicy(new EmptyContentSecurityPolicy());
+ $this->setFeaturePolicy(new EmptyFeaturePolicy());
}
/**
@@ -242,6 +246,7 @@ class Response {
$this->setContentSecurityPolicy(new ContentSecurityPolicy());
}
$this->headers['Content-Security-Policy'] = $this->contentSecurityPolicy->buildPolicy();
+ $this->headers['Feature-Policy'] = $this->featurePolicy->buildPolicy();
if($this->ETag) {
$mergeWith['ETag'] = '"' . $this->ETag . '"';
@@ -295,6 +300,24 @@ class Response {
}
+ /**
+ * @since 17.0.0
+ */
+ public function getFeaturePolicy(): EmptyFeaturePolicy {
+ return $this->featurePolicy;
+ }
+
+ /**
+ * @since 17.0.0
+ */
+ public function setFeaturePolicy(EmptyFeaturePolicy $featurePolicy): self {
+ $this->featurePolicy = $featurePolicy;
+
+ return $this;
+ }
+
+
+
/**
* Get response status
* @since 6.0.0
diff --git a/lib/public/AppFramework/Http/TemplateResponse.php b/lib/public/AppFramework/Http/TemplateResponse.php
index 334928cc03c2a0b156362a52e5ff1dce55c0dea1..da6f93584b620c0a6464bddfe8303e722b998dde 100644
--- a/lib/public/AppFramework/Http/TemplateResponse.php
+++ b/lib/public/AppFramework/Http/TemplateResponse.php
@@ -83,6 +83,7 @@ class TemplateResponse extends Response {
$this->renderAs = $renderAs;
$this->setContentSecurityPolicy(new ContentSecurityPolicy());
+ $this->setFeaturePolicy(new FeaturePolicy());
}
diff --git a/lib/public/Security/FeaturePolicy/AddFeaturePolicyEvent.php b/lib/public/Security/FeaturePolicy/AddFeaturePolicyEvent.php
new file mode 100644
index 0000000000000000000000000000000000000000..ab93844c3f89af9d0275f8fc37615b251a415637
--- /dev/null
+++ b/lib/public/Security/FeaturePolicy/AddFeaturePolicyEvent.php
@@ -0,0 +1,52 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\Security\FeaturePolicy;
+
+use OC\Security\FeaturePolicy\FeaturePolicyManager;
+use OCP\AppFramework\Http\EmptyFeaturePolicy;
+use OCP\EventDispatcher\Event;
+
+/**
+ * @since 17.0.0
+ */
+class AddFeaturePolicyEvent extends Event {
+
+ /** @var FeaturePolicyManager */
+ private $policyManager;
+
+ /**
+ * @since 17.0.0
+ */
+ public function __construct(FeaturePolicyManager $policyManager) {
+ $this->policyManager = $policyManager;
+ }
+
+ /**
+ * @since 17.0.0
+ */
+ public function addPolicy(EmptyFeaturePolicy $policy) {
+ $this->policyManager->addDefaultPolicy($policy);
+ }
+}
diff --git a/tests/lib/AppFramework/Controller/ControllerTest.php b/tests/lib/AppFramework/Controller/ControllerTest.php
index c37a2a3456c26bd66f1cf6d2134ec06c0f3e97bb..09d89aa70fd872d9193dde745ea7e45a3cf19556 100644
--- a/tests/lib/AppFramework/Controller/ControllerTest.php
+++ b/tests/lib/AppFramework/Controller/ControllerTest.php
@@ -117,6 +117,7 @@ class ControllerTest extends \Test\TestCase {
'Cache-Control' => 'no-cache, no-store, must-revalidate',
'Content-Type' => 'application/json; charset=utf-8',
'Content-Security-Policy' => "default-src 'none';base-uri 'none';manifest-src 'self'",
+ 'Feature-Policy' => "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'",
];
$response = $this->controller->customDataResponse(array('hi'));
diff --git a/tests/lib/AppFramework/Http/DataResponseTest.php b/tests/lib/AppFramework/Http/DataResponseTest.php
index e0eca83f6e9d5d066ea0fb3ac217347672a4240f..9cb99b06b6579ddecf1bec4cd301ecefe2a43a91 100644
--- a/tests/lib/AppFramework/Http/DataResponseTest.php
+++ b/tests/lib/AppFramework/Http/DataResponseTest.php
@@ -69,6 +69,7 @@ class DataResponseTest extends \Test\TestCase {
$expectedHeaders = [
'Cache-Control' => 'no-cache, no-store, must-revalidate',
'Content-Security-Policy' => "default-src 'none';base-uri 'none';manifest-src 'self'",
+ 'Feature-Policy' => "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'",
];
$expectedHeaders = array_merge($expectedHeaders, $headers);
diff --git a/tests/lib/AppFramework/Http/EmptyFeaturePolicyTest.php b/tests/lib/AppFramework/Http/EmptyFeaturePolicyTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..9150503c632448eefd971f7285f087172fc6ccaf
--- /dev/null
+++ b/tests/lib/AppFramework/Http/EmptyFeaturePolicyTest.php
@@ -0,0 +1,133 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\AppFramework\Http;
+
+use OCP\AppFramework\Http\EmptyFeaturePolicy;
+
+class EmptyFeaturePolicyTest extends \Test\TestCase {
+
+ /** @var EmptyFeaturePolicy */
+ private $policy;
+
+ public function setUp() {
+ parent::setUp();
+ $this->policy = new EmptyFeaturePolicy();
+ }
+
+ public function testGetPolicyDefault() {
+ $defaultPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
+ $this->assertSame($defaultPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyAutoplayDomainValid() {
+ $expectedPolicy = "autoplay www.nextcloud.com;camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedAutoplayDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyAutoplayDomainValidMultiple() {
+ $expectedPolicy = "autoplay www.nextcloud.com www.nextcloud.org;camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedAutoplayDomain('www.nextcloud.com');
+ $this->policy->addAllowedAutoplayDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyCameraDomainValid() {
+ $expectedPolicy = "autoplay 'none';camera www.nextcloud.com;fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedCameraDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyCameraDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'none';camera www.nextcloud.com www.nextcloud.org;fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedCameraDomain('www.nextcloud.com');
+ $this->policy->addAllowedCameraDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyFullScreenDomainValid() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen www.nextcloud.com;geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedFullScreenDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyFullScreenDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen www.nextcloud.com www.nextcloud.org;geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedFullScreenDomain('www.nextcloud.com');
+ $this->policy->addAllowedFullScreenDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyGeoLocationDomainValid() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation www.nextcloud.com;microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedGeoLocationDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyGeoLocationDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation www.nextcloud.com www.nextcloud.org;microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedGeoLocationDomain('www.nextcloud.com');
+ $this->policy->addAllowedGeoLocationDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyMicrophoneDomainValid() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone www.nextcloud.com;payment 'none'";
+
+ $this->policy->addAllowedMicrophoneDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyMicrophoneDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone www.nextcloud.com www.nextcloud.org;payment 'none'";
+
+ $this->policy->addAllowedMicrophoneDomain('www.nextcloud.com');
+ $this->policy->addAllowedMicrophoneDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyPaymentDomainValid() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment www.nextcloud.com";
+
+ $this->policy->addAllowedPaymentDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyPaymentDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment www.nextcloud.com www.nextcloud.org";
+
+ $this->policy->addAllowedPaymentDomain('www.nextcloud.com');
+ $this->policy->addAllowedPaymentDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+}
diff --git a/tests/lib/AppFramework/Http/FeaturePolicyTest.php b/tests/lib/AppFramework/Http/FeaturePolicyTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..7c2cc3fa6d533dfd36abcad1d6b12764812a07f1
--- /dev/null
+++ b/tests/lib/AppFramework/Http/FeaturePolicyTest.php
@@ -0,0 +1,133 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\AppFramework\Http;
+
+use OCP\AppFramework\Http\FeaturePolicy;
+
+class FeaturePolicyTest extends \Test\TestCase {
+
+ /** @var EmptyFeaturePolicy */
+ private $policy;
+
+ public function setUp() {
+ parent::setUp();
+ $this->policy = new FeaturePolicy();
+ }
+
+ public function testGetPolicyDefault() {
+ $defaultPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'";
+ $this->assertSame($defaultPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyAutoplayDomainValid() {
+ $expectedPolicy = "autoplay 'self' www.nextcloud.com;camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedAutoplayDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyAutoplayDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'self' www.nextcloud.com www.nextcloud.org;camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedAutoplayDomain('www.nextcloud.com');
+ $this->policy->addAllowedAutoplayDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyCameraDomainValid() {
+ $expectedPolicy = "autoplay 'self';camera www.nextcloud.com;fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedCameraDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyCameraDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'self';camera www.nextcloud.com www.nextcloud.org;fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedCameraDomain('www.nextcloud.com');
+ $this->policy->addAllowedCameraDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyFullScreenDomainValid() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self' www.nextcloud.com;geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedFullScreenDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyFullScreenDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self' www.nextcloud.com www.nextcloud.org;geolocation 'none';microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedFullScreenDomain('www.nextcloud.com');
+ $this->policy->addAllowedFullScreenDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyGeoLocationDomainValid() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation www.nextcloud.com;microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedGeoLocationDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyGeoLocationDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation www.nextcloud.com www.nextcloud.org;microphone 'none';payment 'none'";
+
+ $this->policy->addAllowedGeoLocationDomain('www.nextcloud.com');
+ $this->policy->addAllowedGeoLocationDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyMicrophoneDomainValid() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone www.nextcloud.com;payment 'none'";
+
+ $this->policy->addAllowedMicrophoneDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyMicrophoneDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone www.nextcloud.com www.nextcloud.org;payment 'none'";
+
+ $this->policy->addAllowedMicrophoneDomain('www.nextcloud.com');
+ $this->policy->addAllowedMicrophoneDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyPaymentDomainValid() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment www.nextcloud.com";
+
+ $this->policy->addAllowedPaymentDomain('www.nextcloud.com');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+
+ public function testGetPolicyPaymentDomainValidMultiple() {
+ $expectedPolicy = "autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment www.nextcloud.com www.nextcloud.org";
+
+ $this->policy->addAllowedPaymentDomain('www.nextcloud.com');
+ $this->policy->addAllowedPaymentDomain('www.nextcloud.org');
+ $this->assertSame($expectedPolicy, $this->policy->buildPolicy());
+ }
+}
diff --git a/tests/lib/AppFramework/Http/ResponseTest.php b/tests/lib/AppFramework/Http/ResponseTest.php
index e840111db1945a616c24934c025b13537fe74bee..9d6442ea3ce2559cf5d23b444a037267361021d3 100644
--- a/tests/lib/AppFramework/Http/ResponseTest.php
+++ b/tests/lib/AppFramework/Http/ResponseTest.php
@@ -60,6 +60,7 @@ class ResponseTest extends \Test\TestCase {
$this->childResponse->setHeaders($expected);
$headers = $this->childResponse->getHeaders();
$expected['Content-Security-Policy'] = "default-src 'none';base-uri 'none';manifest-src 'self'";
+ $expected['Feature-Policy'] = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
$this->assertEquals($expected, $headers);
}
@@ -92,7 +93,7 @@ class ResponseTest extends \Test\TestCase {
public function testAddHeaderValueNullDeletesIt(){
$this->childResponse->addHeader('hello', 'world');
$this->childResponse->addHeader('hello', null);
- $this->assertEquals(2, count($this->childResponse->getHeaders()));
+ $this->assertEquals(3, count($this->childResponse->getHeaders()));
}
diff --git a/tests/lib/AppFramework/Middleware/Security/FeaturePolicyMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/FeaturePolicyMiddlewareTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..d2ab8d05919a246237bc99dd3c3eac667790a8f1
--- /dev/null
+++ b/tests/lib/AppFramework/Middleware/Security/FeaturePolicyMiddlewareTest.php
@@ -0,0 +1,89 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\AppFramework\Middleware\Security;
+
+use OC\AppFramework\Middleware\Security\FeaturePolicyMiddleware;
+use OC\Security\CSP\ContentSecurityPolicy;
+use OC\Security\CSRF\CsrfToken;
+use OC\Security\FeaturePolicy\FeaturePolicy;
+use OC\Security\FeaturePolicy\FeaturePolicyManager;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\EmptyContentSecurityPolicy;
+use OCP\AppFramework\Http\EmptyFeaturePolicy;
+use OCP\AppFramework\Http\Response;
+use PHPUnit\Framework\MockObject\MockObject;
+
+class FeaturePolicyMiddlewareTest extends \Test\TestCase {
+
+ /** @var FeaturePolicyMiddleware|MockObject */
+ private $middleware;
+ /** @var Controller|MockObject */
+ private $controller;
+ /** @var FeaturePolicyManager|MockObject */
+ private $manager;
+
+ protected function setUp() {
+ parent::setUp();
+
+ $this->controller = $this->createMock(Controller::class);
+ $this->manager = $this->createMock(FeaturePolicyManager::class);
+ $this->middleware = new FeaturePolicyMiddleware(
+ $this->manager
+ );
+ }
+
+ public function testAfterController() {
+ $response = $this->createMock(Response::class);
+ $defaultPolicy = new FeaturePolicy();
+ $defaultPolicy->addAllowedCameraDomain('defaultpolicy');
+ $currentPolicy = new FeaturePolicy();
+ $currentPolicy->addAllowedAutoplayDomain('currentPolicy');
+ $mergedPolicy = new FeaturePolicy();
+ $mergedPolicy->addAllowedGeoLocationDomain('mergedPolicy');
+ $response->method('getFeaturePolicy')
+ ->willReturn($currentPolicy);
+ $this->manager->method('getDefaultPolicy')
+ ->willReturn($defaultPolicy);
+ $this->manager->method('mergePolicies')
+ ->with($defaultPolicy, $currentPolicy)
+ ->willReturn($mergedPolicy);
+ $response->expects($this->once())
+ ->method('setFeaturePolicy')
+ ->with($mergedPolicy);
+
+ $this->middleware->afterController($this->controller, 'test', $response);
+ }
+
+ public function testAfterControllerEmptyCSP() {
+ $response = $this->createMock(Response::class);
+ $emptyPolicy = new EmptyFeaturePolicy();
+ $response->method('getFeaturePolicy')
+ ->willReturn($emptyPolicy);
+ $response->expects($this->never())
+ ->method('setFeaturePolicy');
+
+ $this->middleware->afterController($this->controller, 'test', $response);
+ }
+}
diff --git a/tests/lib/Security/FeaturePolicy/AddFeaturePolicyEventTest.php b/tests/lib/Security/FeaturePolicy/AddFeaturePolicyEventTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..75525c306cac4190ead3d9c8937fc6d6d1580115
--- /dev/null
+++ b/tests/lib/Security/FeaturePolicy/AddFeaturePolicyEventTest.php
@@ -0,0 +1,44 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\Security\CSP;
+
+use OC\Security\FeaturePolicy\FeaturePolicyManager;
+use OCP\AppFramework\Http\FeaturePolicy;
+use OCP\Security\FeaturePolicy\AddFeaturePolicyEvent;
+use Test\TestCase;
+
+class AddFeaturePolicyEventTest extends TestCase {
+ public function testAddEvent() {
+ $manager = $this->createMock(FeaturePolicyManager::class);
+ $policy = $this->createMock(FeaturePolicy::class);
+ $event = new AddFeaturePolicyEvent($manager);
+
+ $manager->expects($this->once())
+ ->method('addDefaultPolicy')
+ ->with($policy);
+
+ $event->addPolicy($policy);
+ }
+}
diff --git a/tests/lib/Security/FeaturePolicy/FeaturePolicyManagerTest.php b/tests/lib/Security/FeaturePolicy/FeaturePolicyManagerTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..b4182068b8a947e33cbe3aab5bee70742a2a847a
--- /dev/null
+++ b/tests/lib/Security/FeaturePolicy/FeaturePolicyManagerTest.php
@@ -0,0 +1,93 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\Security\CSP;
+
+use OC\Security\CSP\ContentSecurityPolicyManager;
+use OC\Security\FeaturePolicy\FeaturePolicyManager;
+use OCP\AppFramework\Http\FeaturePolicy;
+use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Security\CSP\AddContentSecurityPolicyEvent;
+use OCP\Security\FeaturePolicy\AddFeaturePolicyEvent;
+use PHPUnit\Framework\MockObject\MockObject;
+use Symfony\Component\EventDispatcher\EventDispatcher;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Test\TestCase;
+
+class FeaturePolicyManagerTest extends TestCase {
+ /** @var EventDispatcherInterface */
+ private $dispatcher;
+
+ /** @var FeaturePolicyManager */
+ private $manager;
+
+ public function setUp() {
+ parent::setUp();
+ $this->dispatcher = \OC::$server->query(IEventDispatcher::class);
+ $this->manager = new FeaturePolicyManager($this->dispatcher);
+ }
+
+ public function testAddDefaultPolicy() {
+ $this->manager->addDefaultPolicy(new FeaturePolicy());
+ $this->addToAssertionCount(1);
+ }
+
+ public function testGetDefaultPolicyWithPoliciesViaEvent() {
+ $this->dispatcher->addListener(AddFeaturePolicyEvent::class, function(AddFeaturePolicyEvent $e) {
+ $policy = new FeaturePolicy();
+ $policy->addAllowedMicrophoneDomain('mydomain.com');
+ $policy->addAllowedPaymentDomain('mypaymentdomain.com');
+
+ $e->addPolicy($policy);
+ });
+
+ $this->dispatcher->addListener(AddFeaturePolicyEvent::class, function(AddFeaturePolicyEvent $e) {
+ $policy = new FeaturePolicy();
+ $policy->addAllowedPaymentDomain('mydomainother.com');
+ $policy->addAllowedGeoLocationDomain('mylocation.here');
+
+ $e->addPolicy($policy);
+ });
+
+ $this->dispatcher->addListener(AddFeaturePolicyEvent::class, function(AddFeaturePolicyEvent $e) {
+ $policy = new FeaturePolicy();
+ $policy->addAllowedAutoplayDomain('youtube.com');
+
+ $e->addPolicy($policy);
+ });
+
+ $expected = new \OC\Security\FeaturePolicy\FeaturePolicy();
+ $expected->addAllowedMicrophoneDomain('mydomain.com');
+ $expected->addAllowedPaymentDomain('mypaymentdomain.com');
+ $expected->addAllowedPaymentDomain('mydomainother.com');
+ $expected->addAllowedGeoLocationDomain('mylocation.here');
+ $expected->addAllowedAutoplayDomain('youtube.com');
+
+ $expectedStringPolicy = "autoplay 'self' youtube.com;camera 'none';fullscreen 'self';geolocation mylocation.here;microphone mydomain.com;payment mypaymentdomain.com mydomainother.com";
+
+ $this->assertEquals($expected, $this->manager->getDefaultPolicy());
+ $this->assertSame($expectedStringPolicy, $this->manager->getDefaultPolicy()->buildPolicy());
+ }
+
+}