aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/web/ostatus/ostatus_controller.ex5
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex
index 860b8210e..4877e032b 100644
--- a/lib/pleroma/web/ostatus/ostatus_controller.ex
+++ b/lib/pleroma/web/ostatus/ostatus_controller.ex
@@ -194,6 +194,11 @@ defmodule Pleroma.Web.OStatus.OStatusController do
true <- String.starts_with?(url["mediaType"], ["audio", "video"]) do
conn
|> put_layout(:metadata_player)
+ |> put_resp_header("x-frame-options", "ALLOW")
+ |> put_resp_header(
+ "content-security-policy",
+ "default-src 'none'; img-src 'self' data: https:; media-src 'self' https:;"
+ )
|> put_view(Pleroma.Web.Metadata.PlayerView)
|> render("player.html", url)
else
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 22:54:46 +0000