closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
Browse Source

Fix CSP when dealing with S3 hosts

closed-social-glitch-2
Thibaut Girka 5 years ago
committed by ThibG
parent
9f25ab9792
commit
58720aa2bd
1 changed files with 3 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -1
      config/initializers/content_security_policy.rb

+ 3
- 1
config/initializers/content_security_policy.rb View File

@ -7,9 +7,11 @@ if Rails.env.production?
data_hosts = [assets_host]
if ENV['S3_ENABLED'] == 'true'
attachments_host = ENV['S3_ALIAS_HOST'] || ENV['S3_CLOUDFRONT_HOST'] || ENV['S3_HOSTNAME'] || "s3-#{ENV['S3_REGION'] || 'us-east-1'}.amazonaws.com"
attachments_host = "https://#{ENV['S3_ALIAS_HOST'] || ENV['S3_CLOUDFRONT_HOST'] || ENV['S3_HOSTNAME'] || "s3-#{ENV['S3_REGION'] || 'us-east-1'}.amazonaws.com"}"
attachments_host = "https://#{Addressable::URI.parse(attachments_host).host}"
elsif ENV['SWIFT_ENABLED'] == 'true'
attachments_host = ENV['SWIFT_OBJECT_URL']
attachments_host = "https://#{Addressable::URI.parse(attachments_host).host}"
else
attachments_host = nil
end

Write Preview
Loading…
Cancel
Save