Allow configuration of storage server URL for security policy

author Tom Hughes <tom@compton.nu>

Sun, 7 Jul 2019 15:14:00 +0000 (16:14 +0100)

committer Tom Hughes <tom@compton.nu>

Tue, 9 Jul 2019 18:43:03 +0000 (19:43 +0100)
author Tom Hughes <tom@compton.nu>
Sun, 7 Jul 2019 15:14:00 +0000 (16:14 +0100)
committer Tom Hughes <tom@compton.nu>
Tue, 9 Jul 2019 18:43:03 +0000 (19:43 +0100)
diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb

index 54702a39915818ebbd0bace6a7486766c0b445cc..b24eb5c4264250c9f65c5ba5bd27bd91322a670f 100644 (file)
--- a/config/initializers/secure_headers.rb
+++ b/config/initializers/secure_headers.rb
@@ -21,6 +21,9 @@ csp_policy = {
  csp_policy[:connect_src] << PIWIK["location"] if defined?(PIWIK)
  csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK)
  csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK)
+
+csp_policy[:img_src] << Settings.storage_url if Settings.key?(:storage_url)
+
  csp_policy[:report_uri] << Settings.csp_report_url if Settings.key?(:csp_report_url)
  
  cookie_policy = {
diff --git a/config/settings.yml b/config/settings.yml

index d91f52f0847a86f76aad6d6a3379f853ea266e73..0f64382c9f4e39fe837765def550a8a063b620f8 100644 (file)
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -124,3 +124,5 @@ csp_enforce: false
  #csp_report_url: ""
  # Storage service to use in production mode
  storage_service: "local"
+# Root URL for storage service
+# storage_url:
author	Tom Hughes <tom@compton.nu>
	Sun, 7 Jul 2019 15:14:00 +0000 (16:14 +0100)
committer	Tom Hughes <tom@compton.nu>
	Tue, 9 Jul 2019 18:43:03 +0000 (19:43 +0100)
config/initializers/secure_headers.rb		patch \| blob \| history
config/settings.yml		patch \| blob \| history