forked from YokaiRick/akkoma
in dev, allow dev FE
This commit is contained in:
parent
1b2c24a19e
commit
a079ec3a3c
1 changed files with 8 additions and 1 deletions
|
@ -8,6 +8,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@mix_env Mix.env()
|
||||||
|
|
||||||
def init(opts), do: opts
|
def init(opts), do: opts
|
||||||
|
|
||||||
def call(conn, _options) do
|
def call(conn, _options) do
|
||||||
|
@ -115,6 +117,11 @@ defp csp_string(conn) do
|
||||||
font_src = "font-src 'self'"
|
font_src = "font-src 'self'"
|
||||||
|
|
||||||
script_src = "script-src 'self' '#{nonce_tag}' "
|
script_src = "script-src 'self' '#{nonce_tag}' "
|
||||||
|
script_src = if @mix_env == :dev do
|
||||||
|
"script-src 'self' 'unsafe-eval' 'unsafe-inline'"
|
||||||
|
else
|
||||||
|
script_src
|
||||||
|
end
|
||||||
|
|
||||||
report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
|
report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
|
||||||
insecure = if scheme == "https", do: "upgrade-insecure-requests"
|
insecure = if scheme == "https", do: "upgrade-insecure-requests"
|
||||||
|
|
Loading…
Reference in a new issue