aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/initializers/checker-before-init.ts2
-rw-r--r--server/initializers/config.ts3
-rw-r--r--server/tests/api/server/config.ts9
3 files changed, 9 insertions, 5 deletions
diff --git a/server/initializers/checker-before-init.ts b/server/initializers/checker-before-init.ts
index 8b4d49180..74fed251c 100644
--- a/server/initializers/checker-before-init.ts
+++ b/server/initializers/checker-before-init.ts
@@ -26,7 +26,7 @@ function checkMissedConfig () {
26 'user.video_quota', 'user.video_quota_daily', 26 'user.video_quota', 'user.video_quota_daily',
27 'video_channels.max_per_user', 27 'video_channels.max_per_user',
28 'csp.enabled', 'csp.report_only', 'csp.report_uri', 28 'csp.enabled', 'csp.report_only', 'csp.report_uri',
29 'security.frameguard.enabled', 29 'security.frameguard.enabled', 'security.powered_by_header.enabled',
30 'cache.previews.size', 'cache.captions.size', 'cache.torrents.size', 'admin.email', 'contact_form.enabled', 30 'cache.previews.size', 'cache.captions.size', 'cache.torrents.size', 'admin.email', 'contact_form.enabled',
31 'signup.enabled', 'signup.limit', 'signup.requires_approval', 'signup.requires_email_verification', 'signup.minimum_age', 31 'signup.enabled', 'signup.limit', 'signup.requires_approval', 'signup.requires_email_verification', 'signup.minimum_age',
32 'signup.filters.cidr.whitelist', 'signup.filters.cidr.blacklist', 32 'signup.filters.cidr.whitelist', 'signup.filters.cidr.blacklist',
diff --git a/server/initializers/config.ts b/server/initializers/config.ts
index 9685e7bfc..7ad258f7a 100644
--- a/server/initializers/config.ts
+++ b/server/initializers/config.ts
@@ -236,6 +236,9 @@ const CONFIG = {
236 SECURITY: { 236 SECURITY: {
237 FRAMEGUARD: { 237 FRAMEGUARD: {
238 ENABLED: config.get<boolean>('security.frameguard.enabled') 238 ENABLED: config.get<boolean>('security.frameguard.enabled')
239 },
240 POWERED_BY_HEADER: {
241 ENABLED: config.get<boolean>('security.powered_by_header.enabled')
239 } 242 }
240 }, 243 },
241 TRACKER: { 244 TRACKER: {
diff --git a/server/tests/api/server/config.ts b/server/tests/api/server/config.ts
index b91519660..de7c2f6e2 100644
--- a/server/tests/api/server/config.ts
+++ b/server/tests/api/server/config.ts
@@ -561,15 +561,13 @@ describe('Test config', function () {
561 }) 561 })
562 562
563 it('Should remove the custom configuration', async function () { 563 it('Should remove the custom configuration', async function () {
564 this.timeout(10000)
565
566 await server.config.deleteCustomConfig() 564 await server.config.deleteCustomConfig()
567 565
568 const data = await server.config.getCustomConfig() 566 const data = await server.config.getCustomConfig()
569 checkInitialConfig(server, data) 567 checkInitialConfig(server, data)
570 }) 568 })
571 569
572 it('Should enable frameguard', async function () { 570 it('Should enable/disable security headers', async function () {
573 this.timeout(25000) 571 this.timeout(25000)
574 572
575 { 573 {
@@ -580,13 +578,15 @@ describe('Test config', function () {
580 }) 578 })
581 579
582 expect(res.headers['x-frame-options']).to.exist 580 expect(res.headers['x-frame-options']).to.exist
581 expect(res.headers['x-powered-by']).to.equal('PeerTube')
583 } 582 }
584 583
585 await killallServers([ server ]) 584 await killallServers([ server ])
586 585
587 const config = { 586 const config = {
588 security: { 587 security: {
589 frameguard: { enabled: false } 588 frameguard: { enabled: false },
589 powered_by_header: { enabled: false }
590 } 590 }
591 } 591 }
592 await server.run(config) 592 await server.run(config)
@@ -599,6 +599,7 @@ describe('Test config', function () {
599 }) 599 })
600 600
601 expect(res.headers['x-frame-options']).to.not.exist 601 expect(res.headers['x-frame-options']).to.not.exist
602 expect(res.headers['x-powered-by']).to.not.exist
602 } 603 }
603 }) 604 })
604 605
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-19 16:10:08 +0000