squeegily/pleroma
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

http security: remove form-action from CSP definitions

Browse Source
This commit is contained in:
William Pitcock 2018-11-16 17:40:21 +00:00
parent 4ad0432565
commit c07464607d
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/pleroma/plugs/http_security_plug.ex
View File

@ -32,7 +32,6 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
[
"default-src 'none'",
"base-uri 'self'",
"form-action *",
"frame-ancestors 'none'",
"img-src 'self' data: https:",
"media-src 'self' https:",