Merge branch 'fix/csp-mediaproxy-base-url' into 'develop'

HTTP security plug: add media proxy base url host to csp See merge request pleroma/pleroma!2638
author: feld <feld@feld.me> 2020-06-11 16:18:06 +0000
committer: rinpatch <rinpatch@sdf.org> 2020-06-12 20:43:59 +0300
commit: 90676bdfe3df526fe9596c25ad63d59fc602eb7a (patch)
tree: f912f675d343590ff0ec2352d8afe8d06a9ce49e
parent: cd2df734dde6151faa6a73edb296a5cf768e9a34 (diff)
download: pleroma-90676bdfe3df526fe9596c25ad63d59fc602eb7a.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index 589072535..cad0ad4a0 100644
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -113,6 +113,10 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
         add_source(acc, host)
       end)
 
+    media_proxy_base_url =
+      if Config.get([:media_proxy, :base_url]),
+        do: URI.parse(Config.get([:media_proxy, :base_url])).host
+
     upload_base_url =
       if Config.get([Pleroma.Upload, :base_url]),
         do: URI.parse(Config.get([Pleroma.Upload, :base_url])).host
@@ -122,6 +126,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
         do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host
 
     []
+    |> add_source(media_proxy_base_url)
     |> add_source(upload_base_url)
     |> add_source(s3_endpoint)
     |> add_source(media_proxy_whitelist)
author	feld <feld@feld.me>	2020-06-11 16:18:06 +0000
committer	rinpatch <rinpatch@sdf.org>	2020-06-12 20:43:59 +0300
commit	90676bdfe3df526fe9596c25ad63d59fc602eb7a (patch)
tree	f912f675d343590ff0ec2352d8afe8d06a9ce49e
parent	cd2df734dde6151faa6a73edb296a5cf768e9a34 (diff)
download	pleroma-90676bdfe3df526fe9596c25ad63d59fc602eb7a.tar.gz