Merge branch 'bugfix/csp-unproxied' into 'develop'

author rinpatch <rinpatch@sdf.org>

Fri, 29 May 2020 21:23:49 +0000 (21:23 +0000)

committer rinpatch <rinpatch@sdf.org>

Fri, 29 May 2020 21:23:49 +0000 (21:23 +0000)
author rinpatch <rinpatch@sdf.org>
Fri, 29 May 2020 21:23:49 +0000 (21:23 +0000)
committer rinpatch <rinpatch@sdf.org>
Fri, 29 May 2020 21:23:49 +0000 (21:23 +0000)
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex

index 41e3a31f43a39c355b3e251e993f452b67395539..6a339b32ca2e2b5491f992aca5dff5317eb1fc00 100644 (file)
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -75,7 +75,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
          sources = get_proxy_and_attachment_sources()
          {[img_src, sources], [media_src, sources]}
        else
-        {img_src, media_src}
+        {[img_src, " https:"], [media_src, " https:"]}
        end
  
      connect_src = ["connect-src 'self' blob: ", static_url, ?\s, websocket_url]
author	rinpatch <rinpatch@sdf.org>
	Fri, 29 May 2020 21:23:49 +0000 (21:23 +0000)
committer	rinpatch <rinpatch@sdf.org>
	Fri, 29 May 2020 21:23:49 +0000 (21:23 +0000)