rinpatch
|
92213fb87c
|
Replace Mix.env with Pleroma.Config.get(:env)
Mix.env/0 is not availible in release environments such as distillery or
elixir's built-in releases.
|
5 years ago |
Alex S
|
aa11fa4864
|
add report uri and report to
|
5 years ago |
feld
|
acb04306b6
|
Standardize construction of websocket URL
This follows up on the change made in d747bd98
|
5 years ago |
Haelwenn (lanodan) Monnier
|
fc37e5815f
|
Plugs.HTTPSecurityPlug: Add static_url to CSP's connect-src
Closes: https://git.pleroma.social/pleroma/pleroma/merge_requests/469
|
6 years ago |
Haelwenn (lanodan) Monnier
|
da4c662af3
|
Plugs.HTTPSecurityPlug: Add webpacker to connect-src
|
6 years ago |
Haelwenn (lanodan) Monnier
|
00e8f0b07d
|
Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode
This is needed to run dev mode mastofe at the same time
|
6 years ago |
shibayashi
|
ea1058929c
|
Use url[:scheme] instead of protocol to determine if https is enabled
|
6 years ago |
William Pitcock
|
980b5288ed
|
update copyright years to 2019
|
6 years ago |
William Pitcock
|
2791ce9a1f
|
add license boilerplate to pleroma core
|
6 years ago |
Maksim Pechnikov
|
074fa790ba
|
fix compile warnings
|
6 years ago |
Haelwenn (lanodan) Monnier
|
04daa0fa44
|
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
|
6 years ago |
shibayashi
|
591b11eafc
|
Add manifest-src to allow manifest.json
|
6 years ago |
William Pitcock
|
c07464607d
|
http security: remove form-action from CSP definitions
|
6 years ago |
William Pitcock
|
ee5932a504
|
http security: allow referrer-policy to be configured
|
6 years ago |
William Pitcock
|
fe67665e19
|
rename CSPPlug to HTTPSecurityPlug.
|
6 years ago |