* @author John Molakvoæ * * @license GNU AGPL version 3 or any later version * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . * */ namespace OCA\Files_PDFViewer\Controller; use OCA\Files_PDFViewer\AppInfo\Application; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\AppFramework\Http\TemplateResponse; use OCP\IRequest; use OCP\IURLGenerator; class DisplayController extends Controller { /** @var IURLGenerator */ private $urlGenerator; /** * @param IRequest $request * @param IURLGenerator $urlGenerator */ public function __construct(IRequest $request, IURLGenerator $urlGenerator) { parent::__construct(Application::APP_ID, $request); $this->urlGenerator = $urlGenerator; } /** * @PublicPage * @NoCSRFRequired * * @param bool $minmode * @return TemplateResponse */ public function showPdfViewer(bool $minmode = false): TemplateResponse { $params = [ 'urlGenerator' => $this->urlGenerator, 'minmode' => $minmode ]; $response = new TemplateResponse(Application::APP_ID, 'viewer', $params, 'blank'); $policy = new ContentSecurityPolicy(); $policy->addAllowedChildSrcDomain('\'self\''); $policy->addAllowedFontDomain('data:'); $policy->addAllowedImageDomain('*'); // Needed for the ES5 compatible build of PDF.js $policy->allowEvalScript(true); $response->setContentSecurityPolicy($policy); return $response; } }