projects / akkoma / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
http security: remove form-action from CSP definitions
[akkoma] / lib / pleroma / plugs / http_security_plug.ex
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index 960c7f6bfb25774d05667e6a461f863f1903e433..31c7332f8fc30e7824c33b1c2263d220a9f76ec9 100644 (file)
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -32,7 +32,6 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
     [
       "default-src 'none'",
       "base-uri 'self'",
-      "form-action *",
       "frame-ancestors 'none'",
       "img-src 'self' data: https:",
       "media-src 'self' https:",
Fork of https://akkoma.dev/AkkomaGang/akkoma.git