Uploads: Sandbox them in the CSP.

This commit is contained in:
lain 2020-04-15 12:05:22 +02:00
parent 96eae62995
commit 6bc76df287

View file

@ -41,6 +41,7 @@ def call(%{request_path: <<"/", @path, "/", file::binary>>} = conn, opts) do
conn ->
conn
end
|> merge_resp_headers([{"content-security-policy", "sandbox"}])
config = Pleroma.Config.get(Pleroma.Upload)