diff options
| author | Rigel Kent <par@rigelk.eu> | 2018-12-13 09:49:45 +0100 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2018-12-13 09:49:45 +0100 |
| commit | 5e755fff9d70a7fd3c4f85bb524f1b774dd85b25 (patch) | |
| tree | 699a0724de91f4151ec7d67b700f5b7736a78e45 /server/initializers | |
| parent | 9ecac97be024cf2277872986950d7eec85cbc76e (diff) | |
| download | PeerTube-5e755fff9d70a7fd3c4f85bb524f1b774dd85b25.tar.gz PeerTube-5e755fff9d70a7fd3c4f85bb524f1b774dd85b25.tar.zst PeerTube-5e755fff9d70a7fd3c4f85bb524f1b774dd85b25.zip | |
add Content Security Policy (#1252)
* add Content Security Policy
* remove reflect-metadata on production builds to get rid of unsafe-eval
* fix baseCSP usage
* add SRI to CSP
* add blob: to media-src
* remove SRI
* CSP set to reportOnly
* adding data: to connect-src CSP
* remove block-all-mixed-content
* add report-uri support
Diffstat (limited to 'server/initializers')
| -rw-r--r-- | server/initializers/constants.ts | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts index ad61bee73..f1a734f48 100644 --- a/server/initializers/constants.ts +++ b/server/initializers/constants.ts | |||
| @@ -290,6 +290,7 @@ const CONFIG = { | |||
| 290 | get SECURITYTXT_CONTACT () { return config.get<string>('admin.email') } | 290 | get SECURITYTXT_CONTACT () { return config.get<string>('admin.email') } |
| 291 | }, | 291 | }, |
| 292 | SERVICES: { | 292 | SERVICES: { |
| 293 | get 'CSP-LOGGER' () { return config.get<string>('services.csp-logger') }, | ||
| 293 | TWITTER: { | 294 | TWITTER: { |
| 294 | get USERNAME () { return config.get<string>('services.twitter.username') }, | 295 | get USERNAME () { return config.get<string>('services.twitter.username') }, |
| 295 | get WHITELISTED () { return config.get<boolean>('services.twitter.whitelisted') } | 296 | get WHITELISTED () { return config.get<boolean>('services.twitter.whitelisted') } |