dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SECURITY: rate-limit and prevent blocked users from changing email
[lhc/web/wiklou.git] / includes / Html.php
diff --git a/includes/Html.php b/includes/Html.php
index 61785d5..aa51243 100644 (file)
--- a/includes/Html.php
+++ b/includes/Html.php
@@ -574,10 +574,8 @@ class Html {
                $attrs = [];
                if ( $nonce !== null ) {
                        $attrs['nonce'] = $nonce;
-               } else {
-                       if ( ContentSecurityPolicy::isNonceRequired( RequestContext::getMain()->getConfig() ) ) {
-                               wfWarn( "no nonce set on script. CSP will break it" );
-                       }
+               } elseif ( ContentSecurityPolicy::isNonceRequired( RequestContext::getMain()->getConfig() ) ) {
+                       wfWarn( "no nonce set on script. CSP will break it" );
                }
 
                if ( preg_match( '/<\/?script/i', $contents ) ) {
@@ -600,10 +598,8 @@ class Html {
                $attrs = [ 'src' => $url ];
                if ( $nonce !== null ) {
                        $attrs['nonce'] = $nonce;
-               } else {
-                       if ( ContentSecurityPolicy::isNonceRequired( RequestContext::getMain()->getConfig() ) ) {
-                               wfWarn( "no nonce set on script. CSP will break it" );
-                       }
+               } elseif ( ContentSecurityPolicy::isNonceRequired( RequestContext::getMain()->getConfig() ) ) {
+                       wfWarn( "no nonce set on script. CSP will break it" );
                }
 
                return self::element( 'script', $attrs );
Wiklou, le Wiki du Wiklou