daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-28 14:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3d322e2fe2879fb77a10cf9983e471cb15c1b229
nextcloud/php/public
History
copilot-swe-agent[bot] 3d322e2fe2 Move security headers from Caddyfiles to PHP middleware 
- Add SecurityHeadersMiddleware that sets Content-Security-Policy,
  X-Content-Type-Options, X-Frame-Options, X-Permitted-Cross-Domain-Policies,
  X-DNS-Prefetch-Control, Referrer-Policy, and X-Robots-Tag on all responses
- Register SecurityHeadersMiddleware in index.php
- Add click-handlers.js for CSP-compliant event handling (data-confirm,
  data-stop-event-propagation)
- Update toggle-dark-mode.js to attach click handler via addEventListener
- Remove inline onclick from theme toggle button in layout.twig
- Replace all inline onclick with data-confirm in containers.twig,
  community-containers.twig, and optional-containers.twig

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/d87889ba-d2ad-4d76-b257-2afd725dac28
2026-03-25 11:39:40 +00:00
..
img
aio-interface: add new background for hub 25 Autumn
2025-09-16 13:32:20 +02:00
automatic_reload.js
try to fix glitchy buttons
2024-05-16 10:56:17 +02:00
base_path.js
Added suggested changes
2025-11-04 15:10:41 +01:00
before-unload.js
add before-unload animation
2022-03-30 17:06:01 +02:00
click-handlers.js
Move security headers from Caddyfiles to PHP middleware
2026-03-25 11:39:40 +00:00
containers-form-submit.js
fix js detail with harp
2026-02-26 11:12:06 +01:00
disable-clamav.js
Move vars to lets and fix some things with recording.conf
2023-06-06 11:27:52 +02:00
disable-collabora.js
feat: Add office switcher with feature comparison (#7421)
2026-01-28 09:53:53 +01:00
disable-docker-socket-proxy.js
disable docker-socket-proxy temporarily
2023-08-30 12:42:57 +02:00
disable-fulltextsearch.js
Move vars to lets and fix some things with recording.conf
2023-06-06 11:27:52 +02:00
disable-harp.js
feat(app-api): add HaRP container (#7493)
2026-02-18 13:45:44 +01:00
disable-imaginary.js
Move vars to lets and fix some things with recording.conf
2023-06-06 11:27:52 +02:00
disable-onlyoffice.js
feat: Add office switcher with feature comparison (#7421)
2026-01-28 09:53:53 +01:00
disable-talk-recording.js
allow to disable/enable talk-recording
2023-06-05 18:52:05 +02:00
disable-talk.js
Move vars to lets and fix some things with recording.conf
2023-06-06 11:27:52 +02:00
disable-whiteboard.js
add whiteboard container
2024-09-16 17:59:15 +02:00
forms.js
Remove console logging
2026-02-17 16:35:01 +01:00
index.php
Move security headers from Caddyfiles to PHP middleware
2026-03-25 11:39:40 +00:00
log-view.js
Auto-load only new log data
2026-02-25 16:45:41 +01:00
robots.txt
disallow getting indexed
2022-01-01 17:52:03 +01:00
second-tab-warning.js
add 2nd tab warning
2022-10-16 18:58:59 +02:00
style.css
aio-interface: fix progress box and log view on mbile
2026-03-09 12:16:05 +01:00
timezone.js
pre-fill the timezone
2024-05-16 10:56:17 +02:00
toggle-dark-mode.js
Move security headers from Caddyfiles to PHP middleware
2026-03-25 11:39:40 +00:00