moon
/
spc-pleroma
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
16,283 Commits 2 Branches 0 Tags 208 MiB
Commit Graph

23 Commits

Author SHA1 Message Date
Lain Soykaf 81e44ced0c HTTPSecurityPlug: Fix tests 2024-05-27 22:13:20 +04:00
Lain Soykaf 1c699144d2 HttpSecurityPlug: Don't allow unsafe-eval by default 2024-05-27 21:26:40 +04:00
Mark Felder 9896b64f54 Elixir 1.15: Chase the Logger.warn deprecation 2023-12-20 20:16:26 +00:00
tusooa 3d09bc320e
Make lint happy 2023-08-30 20:36:52 -04:00
Haelwenn d838d1990b Apply lanodan's suggestion(s) to 1 file(s) 2023-08-16 13:34:32 +00:00
Henry Jameson 2a07411b0c keep the websocket url for all modes 2023-05-07 15:34:17 +03:00
Henry Jameson f50fd9278f reduce redundant reduntancy reduction 2023-05-07 15:29:19 +03:00
Henry Jameson f8ef4924ec fix whitespace 2023-05-07 15:24:09 +03:00
Henry Jameson c0d11da2d8 conditionally set csp depnding on media-proxy state 2023-05-07 15:16:30 +03:00
HJ 675639225a allow https: so that flash works across instances without need for media proxy 2023-04-28 11:13:42 +00:00
lain e853cfe7c3 Revert "Merge branch 'copyright-bump' into 'develop'" 
This reverts merge request !3825
 2023-01-02 20:38:50 +00:00
marcin mikołajczak 10886eeaa2 Bump copyright year 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2023-01-01 12:13:06 +01:00
HJ a31d3589ed Update http_security_plug.ex 2022-11-17 12:03:01 -05:00
HJ 79bd363a68 Update lib/pleroma/web/plugs/http_security_plug.ex 2022-11-17 12:03:01 -05:00
Henry Jameson db76ea578a try to fix ruffle on chrome 2022-11-17 12:03:01 -05:00
Thomas Citharel bdedc41cbc
Fix typo in CSP Report-To header name 
The header name was Report-To, not Reply-To.

In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177

CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to

It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/

(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
 2022-11-04 09:43:13 +01:00
Sean King 17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Sean King 2b4f958b2a
Add opting out of Google FLoC to HTTPSecurityPlug headers 2021-04-18 14:00:18 -06:00
eugenijm 7fcaa188a0 Allow to define custom HTTP headers per each frontend 2021-01-21 21:55:23 +03:00
eugenijm 133644dfa2 Ability to set the Service-Worker-Allowed header 2021-01-21 21:55:11 +03:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021 
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
 2021-01-13 07:49:50 +01:00
Alexander Strizhakov abc3c7689b
HTTPSecurityPlug module name and filename 2020-10-13 16:43:55 +03:00
Alexander Strizhakov 2501793f81
moving plugs into web dir 2020-10-13 16:38:19 +03:00