Merge branch 'bugfix/csp-remove-form-action' into 'develop'

http security: remove form-action from CSP definitions Closes #379 See merge request pleroma/pleroma!456
author: kaniini <nenolod@gmail.com> 2018-11-16 17:47:22 +0000
committer: kaniini <nenolod@gmail.com> 2018-11-16 17:47:22 +0000
commit: 38f76d964f62f03f01abc8beeeddaac97a91d751 (patch)
tree: 1fd2fa3cfbd08c361f6179c44d1e32b149b9bf1d
parent: 4ad043256542f2defd147f9257466d848e417c26 (diff)
parent: c07464607d192add7fec0c91899eb8d3c077d876 (diff)
download: pleroma-38f76d964f62f03f01abc8beeeddaac97a91d751.tar.gz
1 files changed, 0 insertions, 1 deletions
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index 960c7f6bf..31c7332f8 100644
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -32,7 +32,6 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
     [
       "default-src 'none'",
       "base-uri 'self'",
-      "form-action *",
       "frame-ancestors 'none'",
       "img-src 'self' data: https:",
       "media-src 'self' https:",
author	kaniini <nenolod@gmail.com>	2018-11-16 17:47:22 +0000
committer	kaniini <nenolod@gmail.com>	2018-11-16 17:47:22 +0000
commit	38f76d964f62f03f01abc8beeeddaac97a91d751 (patch)
tree	1fd2fa3cfbd08c361f6179c44d1e32b149b9bf1d
parent	4ad043256542f2defd147f9257466d848e417c26 (diff)
parent	c07464607d192add7fec0c91899eb8d3c077d876 (diff)
download	pleroma-38f76d964f62f03f01abc8beeeddaac97a91d751.tar.gz