diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/web/plugs/http_security_plug.ex | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex index 4b84f575d..6c959a870 100644 --- a/lib/pleroma/web/plugs/http_security_plug.ex +++ b/lib/pleroma/web/plugs/http_security_plug.ex @@ -23,6 +23,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do defp headers do referrer_policy = Config.get([:http_security, :referrer_policy]) report_uri = Config.get([:http_security, :report_uri]) + service_worker_allowed = Config.get([:http_security, :service_worker_allowed]) headers = [ {"x-xss-protection", "1; mode=block"}, @@ -34,6 +35,13 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do {"content-security-policy", csp_string()} ] + headers = + if service_worker_allowed do + [{"service-worker-allowed", service_worker_allowed} | headers] + else + headers + end + if report_uri do report_group = %{ "group" => "csp-endpoint", |