hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Provide an accept CSP policy for global search pictures

Browse Source 
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2022-08-26 17:18:54 +02:00
parent 8812122168
commit 4db13046b7
4 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/web/plugs/http_security_plug.ex
View File

@@ -10,6 +10,7 @@ defmodule Mobilizon.Web.Plugs.HTTPSecurityPlug do
alias Mobilizon.Config
alias Mobilizon.Service.FrontEndAnalytics
alias Mobilizon.Service.GlobalSearch
import Plug.Conn
require Logger
@@ -139,7 +140,8 @@ defmodule Mobilizon.Web.Plugs.HTTPSecurityPlug do
defp get_csp_config(type, options) do
config_policy = Keyword.get(options, type, Config.get([:http_security, :csp_policy, type]))
front_end_analytics_policy = [Keyword.get(FrontEndAnalytics.csp(), type, [])]
global_search_policy = [Keyword.get(GlobalSearch.service().csp(), type, [])]
Enum.join(config_policy ++ front_end_analytics_policy, " ")
Enum.join(config_policy ++ front_end_analytics_policy ++ global_search_policy, " ")
end
end