feat: Add headers for wasm support if CO has hasWASMSupport enabled

which was added in: CollaboraOnline/online#7784 Signed-off-by: Caolán McNamara <[email protected]>
nextcloud · Dec 7, 2023 · 571472e · 571472e
1 parent e9f8d1f
commit 571472e
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 5 deletions.
diff --git a/lib/Listener/AddContentSecurityPolicyListener.php b/lib/Listener/AddContentSecurityPolicyListener.php
@@ -25,6 +25,7 @@
 namespace OCA\Richdocuments\Listener;
 
 use OCA\Richdocuments\AppConfig;
+use OCA\Richdocuments\Service\CapabilitiesService;
 use OCP\AppFramework\Http\EmptyContentSecurityPolicy;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
@@ -36,6 +37,7 @@ class AddContentSecurityPolicyListener implements IEventListener {
 	public function __construct(
 		private IRequest $request,
 		private AppConfig $config,
+		private CapabilitiesService $capabilitiesService,
 	) {
 	}
 
@@ -51,7 +53,10 @@ public function handle(Event $event): void {
 		$policy = new EmptyContentSecurityPolicy();
 		$policy->addAllowedFrameDomain("'self'");
 		$policy->addAllowedFrameDomain("nc:");
-		$policy->allowEvalWasm(true);
+
+		if ($this->capabilitiesService->hasWASMSupport()) {
+			$policy->allowEvalWasm(true);
+		}
 
 		foreach ($this->config->getDomainList() as $url) {
 			$policy->addAllowedFrameDomain($url);

diff --git a/lib/Listener/BeforeTemplateRenderedListener.php b/lib/Listener/BeforeTemplateRenderedListener.php
@@ -4,20 +4,27 @@
 
 namespace OCA\Richdocuments\Listener;
 
+use OCA\Richdocuments\Service\CapabilitiesService;
 use OCP\AppFramework\Http\Events\BeforeTemplateRenderedEvent;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
 
 /** @template-implements IEventListener<BeforeTemplateRenderedEvent|Event> */
 class BeforeTemplateRenderedListener implements IEventListener {
+	private CapabilitiesService $capabilitiesService;
+
+	public function __construct(CapabilitiesService $capabilitiesService) {
+		$this->capabilitiesService = $capabilitiesService;
+	}
+
 	public function handle(Event $event): void {
 		if (!$event instanceof BeforeTemplateRenderedEvent) {
 			return;
 		}
 
-		// FIXME: Might be too wide, we should only do this when needed
-
-		//$event->getResponse()->addHeader('Cross-Origin-Opener-Policy', 'unsafe-none');
-		//$event->getResponse()->addHeader('Cross-Origin-Embedder-Policy', 'require-corp');
+		if ($this->capabilitiesService->hasWASMSupport()) {
+			$event->getResponse()->addHeader('Cross-Origin-Opener-Policy', 'same-origin');
+			$event->getResponse()->addHeader('Cross-Origin-Embedder-Policy', 'require-corp');
+		}
 	}
 }
diff --git a/lib/Service/CapabilitiesService.php b/lib/Service/CapabilitiesService.php
@@ -114,6 +114,10 @@ public function hasZoteroSupport(): bool {
 		return $this->getCapabilities()['hasZoteroSupport'] ?? false;
 	}
 
+	public function hasWASMSupport(): bool {
+		return $this->getCapabilities()['hasWASMSupport'] ?? false;
+	}
+
 	public function getProductName(): string {
 		$theme = $this->config->getAppValue(Application::APPNAME, 'theme', 'nextcloud');