Warn if HTTPSecurityPlug is disabled
diff --git
a/lib/pleroma/plugs/http_security_plug.ex
b/lib/pleroma/plugs/http_security_plug.ex
index 485ddfbc72ef03263199aaa4d4abd6c16829daa1..8bc324f48ecbef8c5f5b4bfbeae07d83526743fb 100644
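--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -6,6 +6,8 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
 alias Pleroma.Config
 import Plug.Conn
+require Logger
+
 def init(opts), do: opts
 def call(conn, _options) do
@@ -56,14 +58,14 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
 connect_src = "connect-src 'self' #{static_url} #{websocket_url}"
 connect_src =
-if Mix.env() == :dev do
+if Pleroma.Config.get(:env) == :dev do
 connect_src <> " http://localhost:3035/"
 else
 connect_src
 end
 script_src =
-if Mix.env() == :dev do
+if Pleroma.Config.get(:env) == :dev do
 "script-src 'self' 'unsafe-eval'"
 else
 "script-src 'self'"
@@ -90,6 +92,15 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
 |> Enum.join("; ")
 end
+def warn_if_disabled do
+unless Config.get([:http_security, :enabled]) do
+Logger.warn("HTTP Security is disabled. Add this line to you config to enable it:
+
+config :pleroma, :http_security, enabled: true
+")
+end
+end
+
 defp maybe_send_sts_header(conn, true) do
 max_age_sts = Config.get([:http_security, :sts_max_age])
 max_age_ct = Config.get([:http_security, :ct_max_age])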
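Review bot: In `warn_if_disabled/0` (third hunk) the logged text reads "to you config" and is written as a bare multi-line string literal, so the typo, the source indentation and a trailing newline all end up in the log entry. I would build it on one line, `Logger.warn("HTTP Security is disabled. Add this line to your config to enable it:\n\n    config :pleroma, :http_security, enabled: true")`. The function is public and undocumented, and nothing in this file calls it, so the call site is presumably in another file of the commit; a short `@doc` saying it is meant to run once at startup would help, because a disabled plug presumably means the CSP and STS headers assembled in this module are not sent at all.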