Merge branch 'add-manifest-src-to-csp' into 'develop'

author Haelwenn <git.pleroma.social@hacktivis.me>

Mon, 26 Nov 2018 19:56:49 +0000 (19:56 +0000)

committer Haelwenn <git.pleroma.social@hacktivis.me>

Mon, 26 Nov 2018 19:56:49 +0000 (19:56 +0000)
author Haelwenn <git.pleroma.social@hacktivis.me>
Mon, 26 Nov 2018 19:56:49 +0000 (19:56 +0000)
committer Haelwenn <git.pleroma.social@hacktivis.me>
Mon, 26 Nov 2018 19:56:49 +0000 (19:56 +0000)
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex

index 31c7332f8fc30e7824c33b1c2263d220a9f76ec9..84d6506e3abc6d662f2842e42e03757c41bae418 100644 (file)
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -39,6 +39,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
        "font-src 'self'",
        "script-src 'self'",
        "connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
+      "manifest-src 'self'",
        "upgrade-insecure-requests"
      ]
      |> Enum.join("; ")
author	Haelwenn <git.pleroma.social@hacktivis.me>
	Mon, 26 Nov 2018 19:56:49 +0000 (19:56 +0000)
committer	Haelwenn <git.pleroma.social@hacktivis.me>
	Mon, 26 Nov 2018 19:56:49 +0000 (19:56 +0000)