diff options
| author | Brian Wolff <bawolff+wn@gmail.com> | 2019-10-27 22:01:17 -0700 |
|---|---|---|
| committer | Brian Wolff <bawolff+wn@gmail.com> | 2019-10-28 09:02:14 -0700 |
| commit | 67ea4f574779c6b343a3587c9bc50fdf1e00359b (patch) | |
| tree | f9b53968c6d7778ad3aebe62fd8ea7d35e41b561 /includes/Html.php | |
| parent | 90b884b6a02be7508c90259aaeebc9b1a0121e2f (diff) | |
| download | mediawikicore-67ea4f574779c6b343a3587c9bc50fdf1e00359b.tar.gz mediawikicore-67ea4f574779c6b343a3587c9bc50fdf1e00359b.zip | |
Mild refactoring of ContentSecurityPolicy
This is to make it behave in a more object orientied way. The
goal is to make it be easier to allow extensions to mark certain
pages as requiring a different policy (For example, CodeEditor
extension uses a blob: url with a WebWorker. We don't want to
include that on the policy of every page, but allow the extension
to mark it as required whenever needed).
This commit does not change code behaviour in any way.
Change-Id: I4bf53dabb6e6c5446cea99a64db68b300cef2fd4
Diffstat (limited to 'includes/Html.php')
| -rw-r--r-- | includes/Html.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/includes/Html.php b/includes/Html.php index ea2ce07a3297..133a379168bc 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -566,7 +566,7 @@ class Html { * a warning is logged server-side. * * @param string $contents JavaScript - * @param string|null $nonce Nonce for CSP header, from OutputPage::getCSPNonce() + * @param string|null $nonce Nonce for CSP header, from OutputPage->getCSP()->getNonce() * @return string Raw HTML */ public static function inlineScript( $contents, $nonce = null ) { @@ -590,7 +590,7 @@ class Html { * "<script src=foo.js></script>". * * @param string $url - * @param string|null $nonce Nonce for CSP header, from OutputPage::getCSPNonce() + * @param string|null $nonce Nonce for CSP header, from OutputPage->getCSP()->getNonce() * @return string Raw HTML */ public static function linkedScript( $url, $nonce = null ) { |