Allow trace image URL to be configured in the CSP policy

diff --git a/config/environments/production.rb b/config/environments/production.rb
index 5c72d449c9482b0ced37d6af054f9e6aab125f16..730f1dcfd208d27062e918915b17604b35028c10 100644 (file)
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -39,7 +39,7 @@ Rails.application.configure do
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
 
   # Store uploaded files on the local file system (see config/storage.yml for options).
-  config.active_storage.service = Settings.storage_service.to_sym
+  config.active_storage.service = :local
 
   # Mount Action Cable outside main process or domain.
   # config.action_cable.mount_path = nil

diff --git a/config/initializers/config.rb b/config/initializers/config.rb
index d0f8c26fc31b7f5aef6877959006d3ea9b3c9125..4edbcad631aa090107095ac7f200aff9a4d3c80c 100644 (file)
--- a/config/initializers/config.rb
+++ b/config/initializers/config.rb
@@ -77,6 +77,9 @@ Config.setup do |config|
     required(:api_timeout).filled(:int?)
     required(:imagery_blacklist).maybe(:array?)
     required(:status).filled(:str?, :included_in? => ALLOWED_STATUS)
-    required(:storage_service).filled(:str?)
+    required(:avatar_storage).filled(:str?)
+    required(:trace_file_storage).filled(:str?)
+    required(:trace_image_storage).filled(:str?)
+    required(:trace_icon_storage).filled(:str?)
   end
 end

diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb
index f09759fa6f40b06077676258f704d64378d67de7..97952f7cbc08c80f8f97f294018f5a9fc016554c 100644 (file)
--- a/config/initializers/secure_headers.rb
+++ b/config/initializers/secure_headers.rb
@@ -22,7 +22,8 @@ csp_policy[:connect_src] << PIWIK["location"] if defined?(PIWIK)
 csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK)
 csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK)
 
-csp_policy[:img_src] << Settings.storage_url if Settings.key?(:storage_url)
+csp_policy[:img_src] << Settings.avatar_storage_url if Settings.key?(:avatar_storage_url)
+csp_policy[:img_src] << Settings.trace_image_storage_url if Settings.key?(:trace_image_storage_url)
 
 csp_policy[:report_uri] << Settings.csp_report_url if Settings.key?(:csp_report_url)
 

diff --git a/config/settings.yml b/config/settings.yml
index ffee16114b480275517fb1942a697a9825853f15..e6b156e28fd3e5f59cdad374b900427357f3b03c 100644 (file)
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -118,10 +118,15 @@ fossgis_osrm_url: "https://routing.openstreetmap.de/"
 csp_enforce: false
 # URL for reporting Content-Security-Policy violations
 #csp_report_url: ""
-# Storage service to use in production mode
-storage_service: "local"
-# Root URL for storage service
-# storage_url:
+# Storage services to use in production mode
+avatar_storage: "local"
+trace_file_storage: "local"
+trace_image_storage: "local"
+trace_icon_storage: "local"
+# Root URL for storage services
+# avatar_storage_url:
+# trace_image_storage_url:
+# trace_icon_storage_url:
 # URL for tile CDN
 #tile_cdn_url: ""
 # SMTP settings for outbound mail
@@ -132,8 +137,3 @@ smtp_enable_starttls_auto: false
 smtp_authentication: null
 smtp_user_name: null
 smtp_password: null
-# Storage services
-avatar_storage: "local"
-trace_file_storage: "local"
-trace_image_storage: "local"
-trace_icon_storage: "local"