Merge branch 'fix/csp-mediaproxy-base-url' into 'develop'

author feld <feld@feld.me>

Thu, 11 Jun 2020 16:18:06 +0000 (16:18 +0000)

committer rinpatch <rinpatch@sdf.org>

Fri, 12 Jun 2020 17:43:59 +0000 (20:43 +0300)
author feld <feld@feld.me>
Thu, 11 Jun 2020 16:18:06 +0000 (16:18 +0000)
committer rinpatch <rinpatch@sdf.org>
Fri, 12 Jun 2020 17:43:59 +0000 (20:43 +0300)
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex

index 58907253558c8a2656f31b72e808f0de0db34ccf..cad0ad4a0bf92277b71346a15872aa2af8303c9d 100644 (file)
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -113,6 +113,10 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
          add_source(acc, host)
        end)
  
+    media_proxy_base_url =
+      if Config.get([:media_proxy, :base_url]),
+        do: URI.parse(Config.get([:media_proxy, :base_url])).host
+
      upload_base_url =
        if Config.get([Pleroma.Upload, :base_url]),
          do: URI.parse(Config.get([Pleroma.Upload, :base_url])).host
@@ -122,6 +126,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
          do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
  
      []
+    |> add_source(media_proxy_base_url)
      |> add_source(upload_base_url)
      |> add_source(s3_endpoint)
      |> add_source(media_proxy_whitelist)
author	feld <feld@feld.me>
	Thu, 11 Jun 2020 16:18:06 +0000 (16:18 +0000)
committer	rinpatch <rinpatch@sdf.org>
	Fri, 12 Jun 2020 17:43:59 +0000 (20:43 +0300)