feld
|
acb04306b6
|
Standardize construction of websocket URL
This follows up on the change made in d747bd98
|
2019-05-03 11:45:04 +00:00 |
Haelwenn (lanodan) Monnier
|
fc37e5815f
|
Plugs.HTTPSecurityPlug: Add static_url to CSP's connect-src
Closes: https://git.pleroma.social/pleroma/pleroma/merge_requests/469
|
2019-03-05 01:44:24 +01:00 |
Haelwenn (lanodan) Monnier
|
da4c662af3
|
Plugs.HTTPSecurityPlug: Add webpacker to connect-src
|
2019-02-12 22:12:12 +01:00 |
Haelwenn (lanodan) Monnier
|
00e8f0b07d
|
Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode
This is needed to run dev mode mastofe at the same time
|
2019-02-12 22:12:11 +01:00 |
shibayashi
|
ea1058929c
|
Use url[:scheme] instead of protocol to determine if https is enabled
|
2019-02-12 00:08:52 +01:00 |
William Pitcock
|
980b5288ed
|
update copyright years to 2019
|
2018-12-31 15:41:47 +00:00 |
William Pitcock
|
2791ce9a1f
|
add license boilerplate to pleroma core
|
2018-12-23 20:56:42 +00:00 |
Maksim Pechnikov
|
074fa790ba
|
fix compile warnings
|
2018-12-09 20:50:08 +03:00 |
Haelwenn (lanodan) Monnier
|
04daa0fa44
|
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
|
2018-11-26 21:41:36 +01:00 |
shibayashi
|
591b11eafc
|
Add manifest-src to allow manifest.json
|
2018-11-26 20:48:24 +01:00 |
William Pitcock
|
c07464607d
|
http security: remove form-action from CSP definitions
|
2018-11-16 17:40:21 +00:00 |
William Pitcock
|
ee5932a504
|
http security: allow referrer-policy to be configured
|
2018-11-12 15:14:46 +00:00 |
William Pitcock
|
fe67665e19
|
rename CSPPlug to HTTPSecurityPlug.
|
2018-11-12 15:08:02 +00:00 |