stefan230/akkoma
1
0
Fork 0
forked from YokaiRick/akkoma
Code Pull requests Activity

in dev, allow dev FE

Browse source
This commit is contained in:
FloatingGhost 2023-04-14 16:36:40 +01:00
parent 1b2c24a19e
commit a079ec3a3c
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/pleroma/web/plugs/http_security_plug.ex
View file

@ -8,6 +8,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
require Logger require Logger
@mix_env Mix.env()
def init(opts), do: opts def init(opts), do: opts
def call(conn, _options) do def call(conn, _options) do
@ -114,7 +116,12 @@ defp csp_string(conn) do
style_src = "style-src 'self' '#{nonce_tag}'" style_src = "style-src 'self' '#{nonce_tag}'"
font_src = "font-src 'self'" font_src = "font-src 'self'"
script_src = "script-src 'self' '#{nonce_tag}'" script_src = "script-src 'self' '#{nonce_tag}' "
script_src = if @mix_env == :dev do
"script-src 'self' 'unsafe-eval' 'unsafe-inline'"
else
script_src
end
report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"] report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
insecure = if scheme == "https", do: "upgrade-insecure-requests" insecure = if scheme == "https", do: "upgrade-insecure-requests"