Add Captcha endpoint to CSP headers when MediaProxy is enabled.
Our CSP rules are lax when MediaProxy enabled, but lenient otherwise. This fixes broken captcha on instances not using MediaProxy.
This commit is contained in:
parent
c2a052a346
commit
eaa59daa4c
@ -125,11 +125,19 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
|
|||||||
if Config.get([Pleroma.Upload, :uploader]) == Pleroma.Uploaders.S3,
|
if Config.get([Pleroma.Upload, :uploader]) == Pleroma.Uploaders.S3,
|
||||||
do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
|
do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
|
||||||
|
|
||||||
|
captcha_method = Config.get([Pleroma.Captcha, :method])
|
||||||
|
|
||||||
|
captcha_endpoint =
|
||||||
|
if Config.get([Pleroma.Captcha, :enabled]) &&
|
||||||
|
captcha_method != "Pleroma.Captcha.Native",
|
||||||
|
do: Config.get([captcha_method, :endpoint])
|
||||||
|
|
||||||
[]
|
[]
|
||||||
|> add_source(media_proxy_base_url)
|
|> add_source(media_proxy_base_url)
|
||||||
|> add_source(upload_base_url)
|
|> add_source(upload_base_url)
|
||||||
|> add_source(s3_endpoint)
|
|> add_source(s3_endpoint)
|
||||||
|> add_source(media_proxy_whitelist)
|
|> add_source(media_proxy_whitelist)
|
||||||
|
|> add_source(captcha_endpoint)
|
||||||
end
|
end
|
||||||
|
|
||||||
defp add_source(iodata, nil), do: iodata
|
defp add_source(iodata, nil), do: iodata
|
||||||
|
Loading…
Reference in New Issue
Block a user