diff options
| author | Mark Felder <feld@FreeBSD.org> | 2020-07-03 17:06:20 -0500 |
|---|---|---|
| committer | Mark Felder <feld@FreeBSD.org> | 2020-07-03 17:06:20 -0500 |
| commit | eaa59daa4c229bf47e30ac389563c82b11378e07 (patch) | |
| tree | 880229cef663f303b43e7e590c525c7d0b744220 /lib | |
| parent | c2a052a346d5104c3657343a885255d4d7179c75 (diff) | |
| download | pleroma-eaa59daa4c229bf47e30ac389563c82b11378e07.tar.gz | |
Add Captcha endpoint to CSP headers when MediaProxy is enabled.
Our CSP rules are lax when MediaProxy enabled, but lenient otherwise.
This fixes broken captcha on instances not using MediaProxy.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/plugs/http_security_plug.ex | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex index 1420a9611..f7192ebfc 100644 --- a/lib/pleroma/plugs/http_security_plug.ex +++ b/lib/pleroma/plugs/http_security_plug.ex @@ -125,11 +125,19 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do if Config.get([Pleroma.Upload, :uploader]) == Pleroma.Uploaders.S3, do: URI.parse(Config.get([Pleroma.Uploaders.S3, :public_endpoint])).host + captcha_method = Config.get([Pleroma.Captcha, :method]) + + captcha_endpoint = + if Config.get([Pleroma.Captcha, :enabled]) && + captcha_method != "Pleroma.Captcha.Native", + do: Config.get([captcha_method, :endpoint]) + [] |> add_source(media_proxy_base_url) |> add_source(upload_base_url) |> add_source(s3_endpoint) |> add_source(media_proxy_whitelist) + |> add_source(captcha_endpoint) end defp add_source(iodata, nil), do: iodata |