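urlGenerator = $urlGenerator;
        $this->rootFolder = $rootFolder;
        $this->userId = $UserId;
        $this->bookmarkService = $bookmarkService;
        $this->metadataService = $metadataService;
        $this->preferenceService = $preferenceService;
    }

    /**
     * Render the reader page for the file named by the `file` and `type` query parameters.
     *
     * Both parameters come straight from the request and are validated before any
     * storage or service call is made.
     *
     * NOTE(review): the PublicPage and NoCSRFRequired annotations below make this action
     * reachable without a session, while the file is resolved inside the folder of
     * $this->userId. Confirm that unauthenticated access is intended and what
     * $this->userId holds in that case.
     *
     * @PublicPage
     * @NoCSRFRequired
     *
     * @return TemplateResponse
     * @throws \InvalidArgumentException when `type` is not a supported MIME type or `file` is missing/malformed
     */
    public function showReader() {
        // Allow-list: supported MIME type => template name (the same string is used as preference scope).
        $templates = [
            'application/epub+zip' => 'epubreader',
            'application/x-cbr' => 'cbreader'
        ];

        // Copy the query parameters once so isset() works on a plain array.
        $query = $this->request->get;
        $type = isset($query['type']) ? $query['type'] : null;
        $downloadLink = isset($query['file']) ? $query['file'] : null;

        // Reject anything outside the allow-list instead of continuing with an undefined
        // template and scope. The supplied value is deliberately kept out of the message.
        if (!is_string($type) || !isset($templates[$type])) {
            throw new \InvalidArgumentException('Unsupported reader type');
        }
        // Array-valued or absent `file` parameters would otherwise reach rawurldecode().
        if (!is_string($downloadLink) || $downloadLink === '') {
            throw new \InvalidArgumentException('Missing file parameter');
        }

        $fileId = $this->getFileIdFromDownloadPath($downloadLink);
        $scope = $template = $templates[$type];

        $params = [
            'urlGenerator' => $this->urlGenerator,
            // NOTE(review): request-controlled value handed to the template unchanged; the
            // template must escape it for its output context - TODO confirm.
            'downloadLink' => $downloadLink,
            'scope' => $scope,
            'fileId' => $fileId,
            'cursor' => $this->toJson($this->bookmarkService->getCursor($fileId)),
            'defaults' => $this->toJson($this->preferenceService->getDefault($scope)),
            'preferences' => $this->toJson($this->preferenceService->get($scope, $fileId)),
            'metadata' => $this->toJson($this->metadataService->get($fileId))
        ];

        $response = new TemplateResponse($this->appName, $template, $params, 'blank');

        // NOTE(review): the tailored Content-Security-Policy below is disabled, so this page is
        // served with whatever policy the framework applies by default. If the reader needs
        // blob: sources, restore a narrow policy here rather than relaxing one elsewhere.
        /*
        $csp = new ContentSecurityPolicy();
        $csp->addAllowedStyleDomain('\'self\'');
        $csp->addAllowedStyleDomain('blob:');
        $csp->addAllowedScriptDomain('\'self\'');
        $csp->addAllowedFrameDomain('\'self\'');
        $csp->addAllowedChildSrcDomain('\'self\'');
        $csp->addAllowedFontDomain('\'self\'');
        $csp->addAllowedImageDomain('blob:');
        $response->setContentSecurityPolicy($csp);
        */

        return $response;
    }

    /**
     * Resolve a download path to the id of the file it names inside the user's folder.
     *
     * The path is URL-decoded and split on "/" into at most four parts; the first three
     * parts are discarded (presumably a fixed download prefix - confirm against the
     * caller) and the remainder is looked up relative to the folder of $this->userId.
     *
     * NOTE(review): the decoded remainder is passed to get() as-is; this relies on the
     * storage layer to refuse ".." segments - confirm.
     *
     * @param string $path download path taken from the request
     * @return mixed id reported by the file's info object
     * @throws \InvalidArgumentException when the path has no fourth segment
     */
    private function getFileIdFromDownloadPath($path) {
        // Use the argument rather than re-reading the request, so the value that was
        // validated by the caller is the value that is resolved.
        $segments = explode('/', rawurldecode($path), 4);

        // Fewer than four segments (or an empty remainder) names no file.
        if (!isset($segments[3]) || $segments[3] === '') {
            throw new \InvalidArgumentException('Malformed download path');
        }

        return $this->rootFolder->getUserFolder($this->userId)
            ->get($segments[3])
            ->getFileInfo()
            ->getId();
    }

    /**
     * Encode a value as JSON and escape it for embedding in HTML.
     *
     * ENT_QUOTES escapes both single and double quotes, so the result can sit inside
     * either kind of quoted attribute.
     *
     * NOTE(review): json_encode() returns false on failure and that result is passed on
     * unchecked; consumers should be prepared for an empty value.
     *
     * @param mixed $value value to serialise
     * @return string HTML-escaped JSON
     */
    private function toJson($value) {
        return htmlspecialchars(json_encode($value), ENT_QUOTES, 'UTF-8');
    }
}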