diff --git a/apps/comments/src/comments-tab.js b/apps/comments/src/comments-tab.js index c9b3449e05e68..d3ebe3e95961a 100644 --- a/apps/comments/src/comments-tab.js +++ b/apps/comments/src/comments-tab.js @@ -5,12 +5,12 @@ // eslint-disable-next-line n/no-missing-import, import/no-unresolved import MessageReplyText from '@mdi/svg/svg/message-reply-text.svg?raw' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { loadState } from '@nextcloud/initial-state' import { registerCommentsPlugins } from './comments-activity-tab.ts' // @ts-expect-error __webpack_nonce__ is injected by webpack -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() if (loadState('comments', 'activityEnabled', false) && OCA?.Activity?.registerSidebarAction !== undefined) { // Do not mount own tab but mount into activity diff --git a/apps/comments/src/services/CommentsInstance.js b/apps/comments/src/services/CommentsInstance.js index fccf55814ce57..cc45d0cbea7b5 100644 --- a/apps/comments/src/services/CommentsInstance.js +++ b/apps/comments/src/services/CommentsInstance.js @@ -3,16 +3,16 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { translate as t, translatePlural as n } from '@nextcloud/l10n' -import { getRequestToken } from '@nextcloud/auth' -import Vue from 'vue' +import { getCSPNonce } from '@nextcloud/auth' +import { t, n } from '@nextcloud/l10n' import { PiniaVuePlugin, createPinia } from 'pinia' +import Vue from 'vue' import CommentsApp from '../views/Comments.vue' import logger from '../logger.js' Vue.use(PiniaVuePlugin) // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() // Add translates functions Vue.mixin({ diff --git a/apps/dashboard/src/main.js b/apps/dashboard/src/main.js index f8b92669197a0..dac34e07498df 100644 --- a/apps/dashboard/src/main.js +++ b/apps/dashboard/src/main.js @@ -3,14 +3,15 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import Vue from 'vue' -import DashboardApp from './DashboardApp.vue' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t } from '@nextcloud/l10n' import VTooltip from '@nextcloud/vue/dist/Directives/Tooltip.js' -import { getRequestToken } from '@nextcloud/auth' +import Vue from 'vue' + +import DashboardApp from './DashboardApp.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.directive('Tooltip', VTooltip) diff --git a/apps/federatedfilesharing/src/main-admin.js b/apps/federatedfilesharing/src/main-admin.js index 33eadc0af56b9..9e3e25fe7cb02 100644 --- a/apps/federatedfilesharing/src/main-admin.js +++ b/apps/federatedfilesharing/src/main-admin.js @@ -3,13 +3,13 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t } from '@nextcloud/l10n' import { loadState } from '@nextcloud/initial-state' import AdminSettings from './components/AdminSettings.vue' -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.mixin({ methods: { diff --git a/apps/federatedfilesharing/src/main-personal.js b/apps/federatedfilesharing/src/main-personal.js index 368c438a7e974..a4ff1e6a669e7 100644 --- a/apps/federatedfilesharing/src/main-personal.js +++ b/apps/federatedfilesharing/src/main-personal.js @@ -3,12 +3,12 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t } from '@nextcloud/l10n' import PersonalSettings from './components/PersonalSettings.vue' -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.mixin({ methods: { diff --git a/apps/files/src/main-personal-settings.js b/apps/files/src/main-personal-settings.js index c04eb604d3c72..63221b3ceb04a 100644 --- a/apps/files/src/main-personal-settings.js +++ b/apps/files/src/main-personal-settings.js @@ -4,12 +4,12 @@ */ import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import PersonalSettings from './components/PersonalSettings.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.prototype.t = t diff --git a/apps/files/src/main.ts b/apps/files/src/main.ts index cac0cf25b6d08..7f3f2fe78f5a3 100644 --- a/apps/files/src/main.ts +++ b/apps/files/src/main.ts @@ -2,9 +2,9 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { PiniaVuePlugin } from 'pinia' +import { getCSPNonce } from '@nextcloud/auth' import { getNavigation } from '@nextcloud/files' -import { getRequestToken } from '@nextcloud/auth' +import { PiniaVuePlugin } from 'pinia' import Vue from 'vue' import { pinia } from './store/index.ts' @@ -14,8 +14,7 @@ import SettingsModel from './models/Setting.js' import SettingsService from './services/Settings.js' import FilesApp from './FilesApp.vue' -// @ts-expect-error __webpack_nonce__ is injected by webpack -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() declare global { interface Window { diff --git a/apps/files_sharing/src/files_sharing_tab.js b/apps/files_sharing/src/files_sharing_tab.js index b7225bc96b8ea..6afcfa76717c4 100644 --- a/apps/files_sharing/src/files_sharing_tab.js +++ b/apps/files_sharing/src/files_sharing_tab.js @@ -4,8 +4,8 @@ */ import Vue from 'vue' -import { translate as t, translatePlural as n } from '@nextcloud/l10n' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' +import { t, n } from '@nextcloud/l10n' import ShareSearch from './services/ShareSearch.js' import ExternalLinkActions from './services/ExternalLinkActions.js' @@ -16,7 +16,7 @@ import TabSections from './services/TabSections.js' import ShareVariant from '@mdi/svg/svg/share-variant.svg?raw' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() // Init Sharing Tab Service if (!window.OCA.Sharing) { diff --git a/apps/files_sharing/src/personal-settings.js b/apps/files_sharing/src/personal-settings.js index 3f0161b3ce0a8..e3184f0041e67 100644 --- a/apps/files_sharing/src/personal-settings.js +++ b/apps/files_sharing/src/personal-settings.js @@ -3,13 +3,13 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ +import { getCSPNonce } from '@nextcloud/auth' import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' import PersonalSettings from './components/PersonalSettings.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.prototype.t = t diff --git a/apps/settings/src/main-admin-basic-settings.js b/apps/settings/src/main-admin-basic-settings.js index 9be0ab3eaa9d0..80f9c44a35ae6 100644 --- a/apps/settings/src/main-admin-basic-settings.js +++ b/apps/settings/src/main-admin-basic-settings.js @@ -4,7 +4,7 @@ */ import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { loadState } from '@nextcloud/initial-state' import { translate as t } from '@nextcloud/l10n' @@ -13,7 +13,7 @@ import logger from './logger.ts' import ProfileSettings from './components/BasicSettings/ProfileSettings.vue' import BackgroundJob from './components/BasicSettings/BackgroundJob.vue' -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() const profileEnabledGlobally = loadState('settings', 'profileEnabledGlobally', true) diff --git a/apps/settings/src/main-apps-users-management.ts b/apps/settings/src/main-apps-users-management.ts index 650290cf44329..c923406ce7f18 100644 --- a/apps/settings/src/main-apps-users-management.ts +++ b/apps/settings/src/main-apps-users-management.ts @@ -11,7 +11,7 @@ import { translate as t, translatePlural as n } from '@nextcloud/l10n' import SettingsApp from './views/SettingsApp.vue' import router from './router/index.ts' import { useStore } from './store/index.js' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { PiniaVuePlugin, createPinia } from 'pinia' Vue.use(VTooltip, { defaultHtml: false }) @@ -21,7 +21,7 @@ sync(store, router) // CSP config for webpack dynamic chunk loading // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken() ?? '') +__webpack_nonce__ = getCSPNonce() // bind to window Vue.prototype.t = t diff --git a/apps/settings/src/main-personal-info.js b/apps/settings/src/main-personal-info.js index 2fe7d97b069cb..0a1e983c57684 100644 --- a/apps/settings/src/main-personal-info.js +++ b/apps/settings/src/main-personal-info.js @@ -4,7 +4,7 @@ */ import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { loadState } from '@nextcloud/initial-state' import { translate as t } from '@nextcloud/l10n' @@ -28,7 +28,7 @@ import ProfileVisibilitySection from './components/PersonalInfo/ProfileVisibilit import BirthdaySection from './components/PersonalInfo/BirthdaySection.vue' import FirstDayOfWeekSection from './components/PersonalInfo/FirstDayOfWeekSection.vue' -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() const profileEnabledGlobally = loadState('settings', 'profileEnabledGlobally', true) diff --git a/apps/settings/src/main-personal-security.js b/apps/settings/src/main-personal-security.js index 4582bb0ec5b71..583a375fb0e21 100644 --- a/apps/settings/src/main-personal-security.js +++ b/apps/settings/src/main-personal-security.js @@ -3,7 +3,7 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { PiniaVuePlugin, createPinia } from 'pinia' import VTooltipPlugin from 'v-tooltip' import Vue from 'vue' @@ -13,7 +13,7 @@ import AuthTokenSection from './components/AuthTokenSection.vue' import '@nextcloud/password-confirmation/dist/style.css' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() const pinia = createPinia() diff --git a/apps/settings/src/webpack.shim.d.ts b/apps/settings/src/webpack.shim.d.ts index ab01418d29b97..3d330bb31287b 100644 --- a/apps/settings/src/webpack.shim.d.ts +++ b/apps/settings/src/webpack.shim.d.ts @@ -2,4 +2,4 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -declare let __webpack_nonce__: string +declare let __webpack_nonce__: string | undefined diff --git a/apps/sharebymail/src/main-admin.js b/apps/sharebymail/src/main-admin.js index fc0710ea9ad89..dd3f6574adf41 100644 --- a/apps/sharebymail/src/main-admin.js +++ b/apps/sharebymail/src/main-admin.js @@ -3,13 +3,12 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t } from '@nextcloud/l10n' - +import Vue from 'vue' import AdminSettings from './components/AdminSettings.vue' -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.mixin({ methods: { diff --git a/apps/systemtags/src/admin.ts b/apps/systemtags/src/admin.ts index 59b68f23922dd..892a4cbd169db 100644 --- a/apps/systemtags/src/admin.ts +++ b/apps/systemtags/src/admin.ts @@ -3,13 +3,12 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ +import { getCSPNonce } from '@nextcloud/auth' import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' import SystemTagsSection from './views/SystemTagsSection.vue' -// @ts-expect-error __webpack_nonce__ is injected by webpack -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() const SystemTagsSectionView = Vue.extend(SystemTagsSection) new SystemTagsSectionView().$mount('#vue-admin-systemtags') diff --git a/apps/theming/src/admin-settings.js b/apps/theming/src/admin-settings.js index d6165ee745387..622837658f9b3 100644 --- a/apps/theming/src/admin-settings.js +++ b/apps/theming/src/admin-settings.js @@ -2,13 +2,13 @@ * SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import Vue from 'vue' import App from './AdminTheming.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.prototype.OC = OC Vue.prototype.t = t diff --git a/apps/theming/src/personal-settings.js b/apps/theming/src/personal-settings.js index 15190358c36aa..bbee88e3804ae 100644 --- a/apps/theming/src/personal-settings.js +++ b/apps/theming/src/personal-settings.js @@ -2,14 +2,14 @@ * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import Vue from 'vue' import { refreshStyles } from './helpers/refreshStyles.js' import App from './UserTheming.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.prototype.OC = OC Vue.prototype.t = t diff --git a/apps/user_status/src/menu.js b/apps/user_status/src/menu.js index 2e5e9be7e3147..34e5e6eabb179 100644 --- a/apps/user_status/src/menu.js +++ b/apps/user_status/src/menu.js @@ -3,16 +3,15 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { subscribe } from '@nextcloud/event-bus' +import Vue from 'vue' import UserStatus from './UserStatus.vue' - import store from './store/index.js' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.prototype.t = t Vue.prototype.$t = t diff --git a/apps/weather_status/src/weather-status.js b/apps/weather_status/src/weather-status.js index 5f6f258da0412..45c73b87e4af1 100644 --- a/apps/weather_status/src/weather-status.js +++ b/apps/weather_status/src/weather-status.js @@ -3,12 +3,12 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ +import { getCSPNonce } from '@nextcloud/auth' import Vue from 'vue' -import { getRequestToken } from '@nextcloud/auth' import App from './App.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.prototype.t = t diff --git a/core/src/legacy-unified-search.js b/core/src/legacy-unified-search.js index 7916908c04b70..59ee462fbf527 100644 --- a/core/src/legacy-unified-search.js +++ b/core/src/legacy-unified-search.js @@ -4,14 +4,14 @@ */ import { getLoggerBuilder } from '@nextcloud/logger' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t, translatePlural as n } from '@nextcloud/l10n' import Vue from 'vue' import UnifiedSearch from './views/LegacyUnifiedSearch.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() const logger = getLoggerBuilder() .setApp('unified-search') diff --git a/core/src/main.js b/core/src/main.js index e01edf3ec1b1e..2d88f15562bee 100644 --- a/core/src/main.js +++ b/core/src/main.js @@ -14,12 +14,12 @@ import './globals.js' import './jquery/index.js' import { initCore } from './init.js' import { registerAppsSlideToggle } from './OC/apps.js' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { generateUrl } from '@nextcloud/router' import Axios from '@nextcloud/axios' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() window.addEventListener('DOMContentLoaded', function() { initCore() diff --git a/core/src/profile.ts b/core/src/profile.ts index c0ed479c08046..454562edb05a9 100644 --- a/core/src/profile.ts +++ b/core/src/profile.ts @@ -3,14 +3,13 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import Vue from 'vue' import Profile from './views/Profile.vue' import ProfileSections from './profile/ProfileSections.js' -// @ts-expect-error Script nonce required for webpack loading additional scripts -__webpack_nonce__ = btoa(getRequestToken() ?? '') +__webpack_nonce__ = getCSPNonce() if (!window.OCA) { window.OCA = {} diff --git a/core/src/recommendedapps.js b/core/src/recommendedapps.js index b7350703f0951..13f16436ed373 100644 --- a/core/src/recommendedapps.js +++ b/core/src/recommendedapps.js @@ -3,7 +3,7 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t } from '@nextcloud/l10n' import Vue from 'vue' @@ -11,7 +11,7 @@ import logger from './logger.js' import RecommendedApps from './components/setup/RecommendedApps.vue' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() Vue.mixin({ methods: { diff --git a/core/src/unified-search.ts b/core/src/unified-search.ts index 95f4c865eaf4e..fd5f9cb1fdf0b 100644 --- a/core/src/unified-search.ts +++ b/core/src/unified-search.ts @@ -4,7 +4,7 @@ */ import { getLoggerBuilder } from '@nextcloud/logger' -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' import { translate as t, translatePlural as n } from '@nextcloud/l10n' import { createPinia, PiniaVuePlugin } from 'pinia' import Vue from 'vue' @@ -13,7 +13,7 @@ import UnifiedSearch from './views/UnifiedSearch.vue' import { useSearchStore } from '../src/store/unified-search-external-filters.js' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() const logger = getLoggerBuilder() .setApp('unified-search') diff --git a/core/src/unsupported-browser-redirect.js b/core/src/unsupported-browser-redirect.js index ea4f502127f12..64620afa0854a 100644 --- a/core/src/unsupported-browser-redirect.js +++ b/core/src/unsupported-browser-redirect.js @@ -3,10 +3,10 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { getRequestToken } from '@nextcloud/auth' +import { getCSPNonce } from '@nextcloud/auth' // eslint-disable-next-line camelcase -__webpack_nonce__ = btoa(getRequestToken()) +__webpack_nonce__ = getCSPNonce() if (!window.TESTING && !OC?.config?.no_unsupported_browser_warning) { window.addEventListener('DOMContentLoaded', async function() { diff --git a/package-lock.json b/package-lock.json index 5037cfc17bab6..a8e0fe26193d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "@chenfengyuan/vue-qrcode": "^1.0.2", "@mdi/js": "^7.4.47", "@mdi/svg": "^7.4.47", - "@nextcloud/auth": "^2.3.0", + "@nextcloud/auth": "^2.4.0", "@nextcloud/axios": "^2.5.0", "@nextcloud/browser-storage": "^0.4.0", "@nextcloud/browserslist-config": "^3.0.1", @@ -4431,12 +4431,12 @@ "license": "Apache-2.0" }, "node_modules/@nextcloud/auth": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@nextcloud/auth/-/auth-2.3.0.tgz", - "integrity": "sha512-PCkRJbML9sXvBENY43vTIERIZJFk2azu08IK6zYOnOZ7cFkD1QlFJtdTCZTImQLg01IXhIm0j0ExEdatHoqz7g==", - "license": "GPL-3.0-or-later", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@nextcloud/auth/-/auth-2.4.0.tgz", + "integrity": "sha512-T5OFltKd0O9Hfj47VrzE7TVjCwqOMHH9JLyjjLUR3pu2MaTY9WL6AjL79sHbFTXUaIkftZgJKu12lHYmqXnL2Q==", "dependencies": { - "@nextcloud/event-bus": "^3.2.0" + "@nextcloud/browser-storage": "^0.4.0", + "@nextcloud/event-bus": "^3.3.1" }, "engines": { "node": "^20.0.0", diff --git a/package.json b/package.json index 133b4777ec049..191e054fddd76 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "@chenfengyuan/vue-qrcode": "^1.0.2", "@mdi/js": "^7.4.47", "@mdi/svg": "^7.4.47", - "@nextcloud/auth": "^2.3.0", + "@nextcloud/auth": "^2.4.0", "@nextcloud/axios": "^2.5.0", "@nextcloud/browser-storage": "^0.4.0", "@nextcloud/browserslist-config": "^3.0.1",