diff options
| author | Mark Felder <feld@FreeBSD.org> | 2020-07-03 17:06:20 -0500 |
|---|---|---|
| committer | Mark Felder <feld@FreeBSD.org> | 2020-07-03 17:06:20 -0500 |
| commit | eaa59daa4c229bf47e30ac389563c82b11378e07 (patch) | |
| tree | 880229cef663f303b43e7e590c525c7d0b744220 | |
| parent | c2a052a346d5104c3657343a885255d4d7179c75 (diff) | |
| download | pleroma-eaa59daa4c229bf47e30ac389563c82b11378e07.tar.gz | |
Add Captcha endpoint to CSP headers when MediaProxy is enabled.
Our CSP rules are lax when MediaProxy enabled, but lenient otherwise.
This fixes broken captcha on instances not using MediaProxy.
| -rw-r--r-- | lib/pleroma/plugs/http_security_plug.ex | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex index 1420a9611..f7192ebfc 100644 --- a/lib/pleroma/plugs/http_security_plug.ex +++ b/lib/pleroma/plugs/http_security_plug.ex @@ -125,11 +125,19 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do if Config.get([Pleroma.Upload, :uploader]) == Pleroma.Uploaders.S3, do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host + captcha_method = Config.get([Pleroma.Captcha, :method]) + + captcha_endpoint = + if Config.get([Pleroma.Captcha, :enabled]) && + captcha_method != "Pleroma.Captcha.Native", + do: Config.get([captcha_method, :endpoint]) + [] |> add_source(media_proxy_base_url) |> add_source(upload_base_url) |> add_source(s3_endpoint) |> add_source(media_proxy_whitelist) + |> add_source(captcha_endpoint) end defp add_source(iodata, nil), do: iodata |