|
|
|
|
@ -340,6 +340,9 @@ define([
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
assert(function (cb, msg) {
|
|
|
|
|
msg = msg; // XXX
|
|
|
|
|
return void cb(true);
|
|
|
|
|
/*
|
|
|
|
|
msg.appendChild(h('span', [
|
|
|
|
|
"The spreadsheet editor's code was not served with the required Content-Security Policy headers. ",
|
|
|
|
|
"This is most often caused by incorrectly configured sandbox parameters (",
|
|
|
|
|
@ -357,16 +360,17 @@ define([
|
|
|
|
|
var csp = xhr.getResponseHeader('Content-Security-Policy');
|
|
|
|
|
if (!/unsafe\-eval/.test(csp)) {
|
|
|
|
|
// OnlyOffice requires unsafe-eval
|
|
|
|
|
return cb(false);
|
|
|
|
|
console.error('CSP', csp);
|
|
|
|
|
return cb("expected 'unsafe-eval'");
|
|
|
|
|
}
|
|
|
|
|
if (!/unsafe\-inline/.test(csp)) {
|
|
|
|
|
// OnlyOffice also requires unsafe-inline
|
|
|
|
|
return cb(false);
|
|
|
|
|
console.error('CSP', csp);
|
|
|
|
|
return cb("expected 'unsafe-inline'");
|
|
|
|
|
}
|
|
|
|
|
//console.error('CSP', csp);
|
|
|
|
|
cb(true);
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
}); */
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
assert(function (cb, msg) {
|
|
|
|
|
|
ansuz
4 years ago