hardcoresushi/libpdfviewer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

replace Feature-Policy with Permissions-Policy

Browse Source
This commit is contained in:
Daniel Micay 2021-11-21 15:45:58 -05:00
parent 262d110266
commit bcef367a58
1 changed files with 28 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
app/src/main/java/org/grapheneos/pdfviewer/PdfViewer.java
View File

@ -57,24 +57,33 @@ public class PdfViewer extends AppCompatActivity implements LoaderManager.Loader
"frame-ancestors 'none'; " + "frame-ancestors 'none'; " +
"base-uri 'none'"; "base-uri 'none'";
private static final String FEATURE_POLICY = private static final String PERMISSIONS_POLICY =
"accelerometer 'none'; " + "accelerometer=(), " +
"ambient-light-sensor 'none'; " + "ambient-light-sensor=(), " +
"autoplay 'none'; " + "autoplay=(), " +
"camera 'none'; " + "battery=(), " +
"encrypted-media 'none'; " + "camera=(), " +
"fullscreen 'none'; " + "clipboard-read=(), " +
"geolocation 'none'; " + "clipboard-write=(), " +
"gyroscope 'none'; " + "display-capture=(), " +
"magnetometer 'none'; " + "document-domain=(), " +
"microphone 'none'; " + "encrypted-media=(), " +
"midi 'none'; " + "fullscreen=(), " +
"payment 'none'; " + "geolocation=(), " +
"picture-in-picture 'none'; " + "gyroscope=(), " +
"speaker 'none'; " + "hid=(), " +
"sync-xhr 'none'; " + "interest-cohort=(), " +
"usb 'none'; " + "magnetometer=(), " +
"vr 'none'"; "microphone=(), " +
"midi=(), " +
"payment=(), " +
"picture-in-picture=(), " +
"publickey-credentials-get=(), " +
"screen-wake-lock=(), " +
"serial=(), " +
"sync-xhr=(), " +
"usb=(), " +
"xr-spatial-tracking=()";
private static final float MIN_ZOOM_RATIO = 0.5f; private static final float MIN_ZOOM_RATIO = 0.5f;
private static final float MAX_ZOOM_RATIO = 1.5f; private static final float MAX_ZOOM_RATIO = 1.5f;
@ -205,7 +214,7 @@ public class PdfViewer extends AppCompatActivity implements LoaderManager.Loader
final WebResourceResponse response = fromAsset("text/html", path); final WebResourceResponse response = fromAsset("text/html", path);
HashMap<String, String> headers = new HashMap<String, String>(); HashMap<String, String> headers = new HashMap<String, String>();
headers.put("Content-Security-Policy", CONTENT_SECURITY_POLICY); headers.put("Content-Security-Policy", CONTENT_SECURITY_POLICY);
headers.put("Feature-Policy", FEATURE_POLICY); headers.put("Permissions-Policy", PERMISSIONS_POLICY);
headers.put("X-Content-Type-Options", "nosniff"); headers.put("X-Content-Type-Options", "nosniff");
response.setResponseHeaders(headers); response.setResponseHeaders(headers);
return response; return response;