From: rinpatch <rinpatch@sdf.org>
Date: Fri, 29 May 2020 21:23:49 +0000 (+0000)
Subject: Merge branch 'bugfix/csp-unproxied' into 'develop'
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=d23b3701d8f1341f3e4565d35ffa0c25b83af51d;p=akkoma

Merge branch 'bugfix/csp-unproxied' into 'develop'

http_security_plug.ex: Fix non-proxied media

See merge request pleroma/pleroma!2610
---

d23b3701d8f1341f3e4565d35ffa0c25b83af51d
diff --cc lib/pleroma/plugs/http_security_plug.ex
index 41e3a31f4,589072535..6a339b32c
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@@ -75,10 -75,10 +75,10 @@@ defmodule Pleroma.Plugs.HTTPSecurityPlu
          sources = get_proxy_and_attachment_sources()
          {[img_src, sources], [media_src, sources]}
        else
-         {img_src, media_src}
+         {[img_src, " https:"], [media_src, " https:"]}
        end
  
 -    connect_src = ["connect-src 'self' ", static_url, ?\s, websocket_url]
 +    connect_src = ["connect-src 'self' blob: ", static_url, ?\s, websocket_url]
  
      connect_src =
        if Pleroma.Config.get(:env) == :dev do