mirror of
https://akkoma.dev/AkkomaGang/akkoma.git
synced 2024-11-10 03:17:51 +00:00
Merge branch 'fix-csp-upgrade-insecure-requests-check' into 'develop'
Fix CSP check for 'upgrade-insecure-requests' See merge request pleroma/pleroma!814
This commit is contained in:
commit
c71b3a1b12
1 changed files with 2 additions and 2 deletions
|
@ -33,7 +33,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
|
|||
end
|
||||
|
||||
defp csp_string do
|
||||
protocol = Config.get([Pleroma.Web.Endpoint, :protocol])
|
||||
scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme]
|
||||
|
||||
[
|
||||
"default-src 'none'",
|
||||
|
@ -46,7 +46,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
|
|||
"script-src 'self'",
|
||||
"connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
|
||||
"manifest-src 'self'",
|
||||
if protocol == "https" do
|
||||
if scheme == "https" do
|
||||
"upgrade-insecure-requests"
|
||||
end
|
||||
]
|
||||
|
|
Loading…
Reference in a new issue