aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
authorLucien A <lu.aubert84@gmail.com>2020-03-11 08:46:03 +0100
committerGitHub <noreply@github.com>2020-03-11 08:46:03 +0100
commit9878d1ac63682ba58ace4cbe8b1878fa77c58acb (patch)
treec2af8f6d449992bcaa82e01048ad3bae51134e1e /server
parent03efb1419d33627939ee9593633fc703b957199d (diff)
downloadPeerTube-9878d1ac63682ba58ace4cbe8b1878fa77c58acb.tar.gz
PeerTube-9878d1ac63682ba58ace4cbe8b1878fa77c58acb.tar.zst
PeerTube-9878d1ac63682ba58ace4cbe8b1878fa77c58acb.zip
Fix CSP issue on WebFinger service (#2541)
* Fix CSP issue on WebFinger service WebFinger RFC states that CSP should allow any origin to access WebFinger resources. * Update webfinger.ts
Diffstat (limited to 'server')
-rw-r--r--server/controllers/webfinger.ts3
1 files changed, 3 insertions, 0 deletions
diff --git a/server/controllers/webfinger.ts b/server/controllers/webfinger.ts
index 77c851880..5c308d9ad 100644
--- a/server/controllers/webfinger.ts
+++ b/server/controllers/webfinger.ts
@@ -1,9 +1,12 @@
1import * as cors from 'cors'
1import * as express from 'express' 2import * as express from 'express'
2import { asyncMiddleware } from '../middlewares' 3import { asyncMiddleware } from '../middlewares'
3import { webfingerValidator } from '../middlewares/validators' 4import { webfingerValidator } from '../middlewares/validators'
4 5
5const webfingerRouter = express.Router() 6const webfingerRouter = express.Router()
6 7
8webfingerRouter.use(cors())
9
7webfingerRouter.get('/.well-known/webfinger', 10webfingerRouter.get('/.well-known/webfinger',
8 asyncMiddleware(webfingerValidator), 11 asyncMiddleware(webfingerValidator),
9 webfingerController 12 webfingerController