HTTP Security plug: make starting csp string generation more readable

author rinpatch <rinpatch@sdf.org>

Fri, 29 May 2020 09:32:48 +0000 (12:32 +0300)

committer rinpatch <rinpatch@sdf.org>

Fri, 29 May 2020 09:32:48 +0000 (12:32 +0300)
author rinpatch <rinpatch@sdf.org>
Fri, 29 May 2020 09:32:48 +0000 (12:32 +0300)
committer rinpatch <rinpatch@sdf.org>
Fri, 29 May 2020 09:32:48 +0000 (12:32 +0300)
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex

index df38d5022a05af88c292ca94ebb628ca5baedb8e..2208d1d6ce7c5127867fc5b363ef7bb6a470903f 100644 (file)
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -49,17 +49,16 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
      end
    end
  
-  @csp_start [
-               "default-src 'none'",
-               "base-uri 'self'",
-               "frame-ancestors 'none'",
-               "style-src 'self' 'unsafe-inline'",
-               "font-src 'self'",
-               "manifest-src 'self'"
-             ]
-             |> Enum.join(";")
-             |> Kernel.<>(";")
-             |> List.wrap()
+  static_csp_rules = [
+    "default-src 'none'",
+    "base-uri 'self'",
+    "frame-ancestors 'none'",
+    "style-src 'self' 'unsafe-inline'",
+    "font-src 'self'",
+    "manifest-src 'self'"
+  ]
+
+  @csp_start [Enum.join(static_csp_rules, ";") <> ";"]
  
    defp csp_string do
      scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme]
author	rinpatch <rinpatch@sdf.org>
	Fri, 29 May 2020 09:32:48 +0000 (12:32 +0300)
committer	rinpatch <rinpatch@sdf.org>
	Fri, 29 May 2020 09:32:48 +0000 (12:32 +0300)