Add CSP to mediaproxy links
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
ci/woodpecker/tag/woodpecker Pipeline is pending

This commit is contained in:
FloatingGhost 2023-05-26 11:46:18 +01:00
parent 9d83a1e23f
commit 7fb9960ccd
3 changed files with 5 additions and 2 deletions

View file

@ -18,6 +18,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Support for `streams` public key URIs
- Bookmarks are cleaned up on DB prune now
## Security
- Fixed mediaproxy being a bit of a silly billy
## 2023.04
## Added

View file

@ -42,7 +42,7 @@ def call(%{request_path: <<"/", @path, "/", file::binary>>} = conn, opts) do
conn ->
conn
end
|> merge_resp_headers([{"content-security-policy", "sandbox"}])
|> merge_resp_headers([{"content-security-policy", "script-src none"}])
config = Pleroma.Config.get(Pleroma.Upload)

View file

@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
def project do
[
app: :pleroma,
version: version("3.9.0"),
version: version("3.9.1"),
elixir: "~> 1.14",
elixirc_paths: elixirc_paths(Mix.env()),
compilers: [:phoenix] ++ Mix.compilers(),