Beefox/akkoma
1
0
Fork 0
forked from AkkomaGang/akkoma
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge branch 'fix/csp-mediaproxy-base-url' into 'develop'

Browse source 
HTTP security plug: add media proxy base url host to csp

See merge request pleroma/pleroma!2638
This commit is contained in:
feld 2020-06-11 16:18:06 +00:00 committed by rinpatch
parent cd2df734dd
commit 90676bdfe3
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/pleroma/plugs/http_security_plug.ex
View file

@ -113,6 +113,10 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
add_source(acc, host) add_source(acc, host)
end) end)
media_proxy_base_url =
if Config.get([:media_proxy, :base_url]),
do: URI.parse(Config.get([:media_proxy, :base_url])).host
upload_base_url = upload_base_url =
if Config.get([Pleroma.Upload, :base_url]), if Config.get([Pleroma.Upload, :base_url]),
do: URI.parse(Config.get([Pleroma.Upload, :base_url])).host do: URI.parse(Config.get([Pleroma.Upload, :base_url])).host
@ -122,6 +126,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
[] []
|> add_source(media_proxy_base_url)
|> add_source(upload_base_url) |> add_source(upload_base_url)
|> add_source(s3_endpoint) |> add_source(s3_endpoint)
|> add_source(media_proxy_whitelist) |> add_source(media_proxy_whitelist)