From 9d83a1e23f3fde933ec990736fd77a8adb2e4803 Mon Sep 17 00:00:00 2001
From: FloatingGhost <hannah@coffee-and-dreams.uk>
Date: Fri, 26 May 2023 11:41:22 +0100
Subject: [PATCH] Add csp

---
 lib/pleroma/reverse_proxy.ex | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/pleroma/reverse_proxy.ex b/lib/pleroma/reverse_proxy.ex
index 91cf1bba3..b44f0b90a 100644
--- a/lib/pleroma/reverse_proxy.ex
+++ b/lib/pleroma/reverse_proxy.ex
@@ -251,6 +251,7 @@ defp build_resp_headers(headers, opts) do
     |> Enum.filter(fn {k, _} -> k in @keep_resp_headers end)
     |> build_resp_cache_headers(opts)
     |> build_resp_content_disposition_header(opts)
+    |> build_csp_headers()
     |> Keyword.merge(Keyword.get(opts, :resp_headers, []))
   end
 
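Review bot: The new `build_csp_headers()` step runs before the `Keyword.merge` of caller-supplied `:resp_headers`, so the sandbox policy is not the last thing applied to the response headers. If the policy is meant to hold for every proxied response regardless of caller options, make it the final step: `|> Keyword.merge(Keyword.get(opts, :resp_headers, []))` followed by `|> build_csp_headers()`. Whether any caller passes a `content-security-policy` entry in `:resp_headers` is not visible here, so this may be hardening rather than a live bug. `build_resp_headers` starts above the hunk.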
@@ -316,6 +317,10 @@ defp build_resp_content_disposition_header(headers, opts) do
     end
   end
 
+  defp build_csp_headers(headers) do
+    List.keystore(headers, "content-security-policy", 0, {"content-security-policy", "sandbox"})
+  end
+
   defp header_length_constraint(headers, limit) when is_integer(limit) and limit > 0 do
     with {_, size} <- List.keyfind(headers, "content-length", 0),
          {size, _} <- Integer.parse(size),
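Review bot: `build_csp_headers/1` has no comment explaining why every proxied response is pinned to `sandbox`, and the commit message does not say either. A short comment above the function would record the intent, e.g. `# Proxied remote content is presumably served from this instance's origin; a bare "sandbox" policy makes browsers load it in an opaque origin with scripts and forms disabled.` The `List.keystore` match on `"content-security-policy"` is case-sensitive, so replacing rather than duplicating an upstream header relies on names already being lower-cased (and filtered by `@keep_resp_headers`) before this step, which the hunk does not show. A test asserting that a proxied response carries exactly one `content-security-policy: sandbox` header would pin the behaviour.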