X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fpreload.ex;h=e554965a26a12f42498ca952103f1835db85fabf;hb=9a320ba8149a3efae1235b3b68dbf1bbad423e0d;hp=c2211c59742a7926259750106813b22ddf614f4a;hpb=29ae5bb77166d9d7f8108a965b0c3d147b747e80;p=akkoma

diff --git a/lib/pleroma/web/preload.ex b/lib/pleroma/web/preload.ex
index c2211c597..e554965a2 100644
--- a/lib/pleroma/web/preload.ex
+++ b/lib/pleroma/web/preload.ex
@@ -1,30 +1,36 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.Preload do
   alias Phoenix.HTML
-  require Logger
 
-  def build_tags(_conn, params) do
+  def build_tags(%{assigns: %{csp_nonce: nonce}} = conn, params) do
     preload_data =
       Enum.reduce(Pleroma.Config.get([__MODULE__, :providers], []), %{}, fn parser, acc ->
-        Map.merge(acc, parser.generate_terms(params))
+        terms =
+          params
+          |> parser.generate_terms()
+          |> Enum.map(fn {k, v} -> {k, Base.encode64(Jason.encode!(v))} end)
+          |> Enum.into(%{})
+
+        Map.merge(acc, terms)
       end)
 
     rendered_html =
       preload_data
       |> Jason.encode!()
-      |> build_script_tag()
+      |> build_script_tag(nonce)
       |> HTML.safe_to_string()
 
     rendered_html
   end
 
-  def build_script_tag(content) do
+  def build_script_tag(content, nonce) do
     HTML.Tag.content_tag(:script, HTML.raw(content),
       id: "initial-results",
-      type: "application/json"
+      type: "application/json",
+      nonce: nonce
     )
   end
 end