Commit Graph

11 Commits

Author SHA1 Message Date
HJ a31d3589ed Update http_security_plug.ex 2022-11-17 12:03:01 -05:00
HJ 79bd363a68 Update lib/pleroma/web/plugs/http_security_plug.ex 2022-11-17 12:03:01 -05:00
Henry Jameson db76ea578a try to fix ruffle on chrome 2022-11-17 12:03:01 -05:00
Thomas Citharel bdedc41cbc
Fix typo in CSP Report-To header name
The header name was Report-To, not Reply-To.

In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177

CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to

It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/

(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 09:43:13 +01:00
Sean King 17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Sean King 2b4f958b2a
Add opting out of Google FLoC to HTTPSecurityPlug headers 2021-04-18 14:00:18 -06:00
eugenijm 7fcaa188a0 Allow to define custom HTTP headers per each frontend 2021-01-21 21:55:23 +03:00
eugenijm 133644dfa2 Ability to set the Service-Worker-Allowed header 2021-01-21 21:55:11 +03:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Alexander Strizhakov abc3c7689b
HTTPSecurityPlug module name and filename 2020-10-13 16:43:55 +03:00
Alexander Strizhakov 2501793f81
moving plugs into web dir 2020-10-13 16:38:19 +03:00