projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into develop
[akkoma]
/
lib
/
pleroma
/
plugs
/
http_security_plug.ex
diff --git
a/lib/pleroma/plugs/http_security_plug.ex
b/lib/pleroma/plugs/http_security_plug.ex
index 2208d1d6ce7c5127867fc5b363ef7bb6a470903f..1420a96113e92a777df09ef5263c317c032a7b69 100644
(file)
--- a/
lib/pleroma/plugs/http_security_plug.ex
+++ b/
lib/pleroma/plugs/http_security_plug.ex
@@
-75,10
+75,10
@@
defmodule Pleroma.Plugs.HTTPSecurityPlug do
sources = get_proxy_and_attachment_sources()
{[img_src, sources], [media_src, sources]}
else
sources = get_proxy_and_attachment_sources()
{[img_src, sources], [media_src, sources]}
else
- {
img_src, media_src
}
+ {
[img_src, " https:"], [media_src, " https:"]
}
end
end
- connect_src = ["connect-src 'self' ", static_url, ?\s, websocket_url]
+ connect_src = ["connect-src 'self'
blob:
", static_url, ?\s, websocket_url]
connect_src =
if Pleroma.Config.get(:env) == :dev do
connect_src =
if Pleroma.Config.get(:env) == :dev do
@@
-113,6
+113,10
@@
defmodule Pleroma.Plugs.HTTPSecurityPlug do
add_source(acc, host)
end)
add_source(acc, host)
end)
+ media_proxy_base_url =
+ if Config.get([:media_proxy, :base_url]),
+ do: URI.parse(Config.get([:media_proxy, :base_url])).host
+
upload_base_url =
if Config.get([Pleroma.Upload, :base_url]),
do: URI.parse(Config.get([Pleroma.Upload, :base_url])).host
upload_base_url =
if Config.get([Pleroma.Upload, :base_url]),
do: URI.parse(Config.get([Pleroma.Upload, :base_url])).host
@@
-122,6
+126,7
@@
defmodule Pleroma.Plugs.HTTPSecurityPlug do
do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
[]
do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
[]
+ |> add_source(media_proxy_base_url)
|> add_source(upload_base_url)
|> add_source(s3_endpoint)
|> add_source(media_proxy_whitelist)
|> add_source(upload_base_url)
|> add_source(s3_endpoint)
|> add_source(media_proxy_whitelist)