Use url[:scheme] instead of protocol to determine if https is enabled

This commit is contained in:
shibayashi 2019-02-12 00:08:52 +01:00
parent 39548c3824
commit ea1058929c
No known key found for this signature in database
GPG key ID: C10662A33EB28508

View file

@ -33,7 +33,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
end
defp csp_string do
protocol = Config.get([Pleroma.Web.Endpoint, :protocol])
scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme]
[
"default-src 'none'",
@ -46,7 +46,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
"script-src 'self'",
"connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
"manifest-src 'self'",
if protocol == "https" do
if scheme == "https" do
"upgrade-insecure-requests"
end
]