From ea1058929c4dd569c00864f5292ec0a689acd1c6 Mon Sep 17 00:00:00 2001
From: shibayashi <shibayashi@cypherpunk.observer>
Date: Tue, 12 Feb 2019 00:08:52 +0100
Subject: [PATCH] Use url[:scheme] instead of protocol to determine if https is
 enabled

---
 lib/pleroma/plugs/http_security_plug.ex | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index 2a266c407..3c8e6a18f 100644
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -33,7 +33,7 @@ defp headers do
   end
 
   defp csp_string do
-    protocol = Config.get([Pleroma.Web.Endpoint, :protocol])
+    scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme]
 
     [
       "default-src 'none'",
@@ -46,7 +46,7 @@ defp csp_string do
       "script-src 'self'",
       "connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
       "manifest-src 'self'",
-      if protocol == "https" do
+      if scheme == "https" do
         "upgrade-insecure-requests"
       end
     ]