Merge branch 'add-manifest-src-to-csp' into 'develop'

Add manifest-src to CSP to allow manifest.json See merge request pleroma/pleroma!474
author: Haelwenn <git.pleroma.social@hacktivis.me> 2018-11-26 19:56:49 +0000
committer: Haelwenn <git.pleroma.social@hacktivis.me> 2018-11-26 19:56:49 +0000
commit: 3370924b8ba87354249182694cfa3b598a66e6de (patch)
tree: 83b89af74c122e4cc68cd65dcf376fe7d0f75758 /lib
parent: 39a3b1724ad5bf5828142d4e83d7cb2bbb45a0d9 (diff)
parent: 591b11eafcc49a7812390a03d29596b4a96ad5f8 (diff)
download: pleroma-3370924b8ba87354249182694cfa3b598a66e6de.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index 31c7332f8..84d6506e3 100644
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -39,6 +39,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
       "font-src 'self'",
       "script-src 'self'",
       "connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
+      "manifest-src 'self'",
       "upgrade-insecure-requests"
     ]
     |> Enum.join("; ")
author	Haelwenn <git.pleroma.social@hacktivis.me>	2018-11-26 19:56:49 +0000
committer	Haelwenn <git.pleroma.social@hacktivis.me>	2018-11-26 19:56:49 +0000
commit	3370924b8ba87354249182694cfa3b598a66e6de (patch)
tree	83b89af74c122e4cc68cd65dcf376fe7d0f75758 /lib
parent	39a3b1724ad5bf5828142d4e83d7cb2bbb45a0d9 (diff)
parent	591b11eafcc49a7812390a03d29596b4a96ad5f8 (diff)
download	pleroma-3370924b8ba87354249182694cfa3b598a66e6de.tar.gz