X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=sidebyside;f=lib%2Fpleroma%2Fweb%2Fpreload.ex;h=57705d2de9b281b20bc09b6f1c39d7a022ed7458;hb=6be3383a094d2d9b017b548de53e67ed6e8c9811;hp=f13932b890a0fa025954f8ba1341ce8cd935bbf5;hpb=dbcc1b105ee1a2552595d189d8ac9d8484ffb601;p=akkoma
diff --git a/lib/pleroma/web/preload.ex b/lib/pleroma/web/preload.ex
index f13932b89..57705d2de 100644
--- a/lib/pleroma/web/preload.ex
+++ b/lib/pleroma/web/preload.ex
@@ -1,32 +1,36 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Preload do
alias Phoenix.HTML
- require Logger
- def build_tags(_conn, params) do
+ def build_tags(%{assigns: %{csp_nonce: nonce}}, params) do
preload_data =
Enum.reduce(Pleroma.Config.get([__MODULE__, :providers], []), %{}, fn parser, acc ->
- Map.merge(acc, parser.generate_terms(params))
+ terms =
+ params
+ |> parser.generate_terms()
+ |> Enum.map(fn {k, v} -> {k, Base.encode64(Jason.encode!(v))} end)
+ |> Enum.into(%{})
+
+ Map.merge(acc, terms)
end)
rendered_html =
preload_data
|> Jason.encode!()
- |> build_script_tag()
+ |> build_script_tag(nonce)
|> HTML.safe_to_string()
rendered_html
end
- def build_script_tag(content) do
- content = Base.encode64(content)
-
+ def build_script_tag(content, nonce) do
HTML.Tag.content_tag(:script, HTML.raw(content),
id: "initial-results",
- type: "application/json"
+ type: "application/json",
+ nonce: nonce
)
end
end