alyssa
/
pleroma
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use url[:scheme] instead of protocol to determine if https is enabled

This commit is contained in:
shibayashi 2019-02-12 00:08:52 +01:00
parent 39548c3824
commit ea1058929c
No known key found for this signature in database
GPG Key ID: C10662A33EB28508
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/pleroma/plugs/http_security_plug.ex
View File

@ -33,7 +33,7 @@ defp headers do
end end
defp csp_string do defp csp_string do
protocol = Config.get([Pleroma.Web.Endpoint, :protocol]) scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme]
[ [
"default-src 'none'", "default-src 'none'",
@ -46,7 +46,7 @@ defp csp_string do
"script-src 'self'", "script-src 'self'",
"connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"), "connect-src 'self' " <> String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
"manifest-src 'self'", "manifest-src 'self'",
if protocol == "https" do if scheme == "https" do
"upgrade-insecure-requests" "upgrade-insecure-requests"
end end
] ]