upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-21 06:08:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14

chore(EventSource): drop legacy server-side fallback

Browse source 
Signed-off-by: Josh <josh.t.richards@gmail.com>
This commit is contained in:
Josh 2026-03-21 09:18:06 -04:00 committed by GitHub
parent 1c1bd469b8
commit 24550e5aac
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 5 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
lib/private/EventSource.php
View file

@ -2,7 +2,7 @@
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2020-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2020-2026 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
* SPDX-License-Identifier: AGPL-3.0-only
*/
@ -12,8 +12,6 @@ use OCP\IEventSource;
use OCP\IRequest;
class EventSource implements IEventSource {
private bool $fallback = false;
private int $fallBackId = 0;
private bool $started = false;
public function __construct(
@ -31,25 +29,7 @@ class EventSource implements IEventSource {
\OC_Util::obEnd();
header('Cache-Control: no-cache');
header('X-Accel-Buffering: no');
$this->fallback = isset($_GET['fallback']) && $_GET['fallback'] == 'true';
if ($this->fallback) {
$this->fallBackId = (int)$_GET['fallback_id'];
/**
* FIXME: The default content-security-policy of ownCloud forbids inline
* JavaScript for security reasons. IE starting on Windows 10 will
* however also obey the CSP which will break the event source fallback.
*
* As a workaround thus we set a custom policy which allows the execution
* of inline JavaScript.
*
* @link https://github.com/owncloud/core/issues/14286
*/
header("Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'");
header('Content-Type: text/html');
echo str_repeat('<span></span>' . PHP_EOL, 10); //dummy data to keep IE happy
} else {
header('Content-Type: text/event-stream');
}
header('Content-Type: text/event-stream');
if (!$this->request->passesStrictCookieCheck()) {
header('Location: ' . \OC::$WEBROOT);
exit();
@ -81,16 +61,10 @@ class EventSource implements IEventSource {
$data = $type;
$type = null;
}
if ($this->fallback) {
$response = '<script type="text/javascript">window.parent.OC.EventSource.fallBackCallBack('
. $this->fallBackId . ',"' . ($type ?? '') . '",' . json_encode($data, JSON_HEX_TAG) . ')</script>' . PHP_EOL;
echo $response;
} else {
if ($type) {
echo 'event: ' . $type . PHP_EOL;
}
echo 'data: ' . json_encode($data, JSON_HEX_TAG) . PHP_EOL;
if ($type) {
echo 'event: ' . $type . PHP_EOL;
}
echo 'data: ' . json_encode($data, JSON_HEX_TAG) . PHP_EOL;
echo PHP_EOL;
flush();
}