captain_arepa/akkoma-cachapa - akkoma-cachapa - Cachapa Gitea: Git with a cup of tea (and cachapas)

Author	SHA1	Message	Date
Alex Gleason	1bd9749a8f	Let blob: pass CSP	4 years ago
Haelwenn (lanodan) Monnier	6da6540036	Bump copyright years of files changed after 2020-01-07 Done via the following command: git diff `fcd5dd259a` --stat --name-only \| xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'	5 years ago
feld	36becd5573	Update http_security_plug.ex	5 years ago
Egor Kislitsyn	e07e7888d7	Fix credo warning	5 years ago
Egor Kislitsyn	2bd4d6289b	Make the warning more scarier	5 years ago
Egor Kislitsyn	6302b40791	Warn if HTTPSecurityPlug is disabled	5 years ago
rinpatch	92213fb87c	Replace Mix.env with Pleroma.Config.get(:env) Mix.env/0 is not availible in release environments such as distillery or elixir's built-in releases.	5 years ago
Alex S	aa11fa4864	add report uri and report to	5 years ago
feld	acb04306b6	Standardize construction of websocket URL This follows up on the change made in `d747bd98`	5 years ago
Haelwenn (lanodan) Monnier	fc37e5815f	Plugs.HTTPSecurityPlug: Add static_url to CSP's connect-src Closes: https://git.pleroma.social/pleroma/pleroma/merge_requests/469	6 years ago
Haelwenn (lanodan) Monnier	da4c662af3	Plugs.HTTPSecurityPlug: Add webpacker to connect-src	6 years ago
Haelwenn (lanodan) Monnier	00e8f0b07d	Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode This is needed to run dev mode mastofe at the same time	6 years ago
shibayashi	ea1058929c	Use url[:scheme] instead of protocol to determine if https is enabled	6 years ago
William Pitcock	980b5288ed	update copyright years to 2019	6 years ago
William Pitcock	2791ce9a1f	add license boilerplate to pleroma core	6 years ago
Maksim Pechnikov	074fa790ba	fix compile warnings	6 years ago
Haelwenn (lanodan) Monnier	04daa0fa44	Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https This fixes running mastofe with MIX_ENV=dev	6 years ago
shibayashi	591b11eafc	Add manifest-src to allow manifest.json	6 years ago
William Pitcock	c07464607d	http security: remove form-action from CSP definitions	6 years ago
William Pitcock	ee5932a504	http security: allow referrer-policy to be configured	6 years ago
William Pitcock	fe67665e19	rename CSPPlug to HTTPSecurityPlug.	6 years ago