1
0
mirror of https://git.pleroma.social/sjw/pleroma.git synced 2024-12-23 15:55:04 +01:00

HTTP Security plug: make starting csp string generation more readable

This commit is contained in:
rinpatch 2020-05-29 12:32:48 +03:00
parent 29ff6d414b
commit 27180611df

View File

@ -49,17 +49,16 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
end end
end end
@csp_start [ static_csp_rules = [
"default-src 'none'", "default-src 'none'",
"base-uri 'self'", "base-uri 'self'",
"frame-ancestors 'none'", "frame-ancestors 'none'",
"style-src 'self' 'unsafe-inline'", "style-src 'self' 'unsafe-inline'",
"font-src 'self'", "font-src 'self'",
"manifest-src 'self'" "manifest-src 'self'"
] ]
|> Enum.join(";")
|> Kernel.<>(";") @csp_start [Enum.join(static_csp_rules, ";") <> ";"]
|> List.wrap()
defp csp_string do defp csp_string do
scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme] scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme]