mirror of
https://github.com/zedeus/nitter.git
synced 2024-05-19 01:28:09 +00:00
Add support for using a nonce with the Content-Security-Policy header
This commit is contained in:
parent
5eb010e7cd
commit
289edc973c
|
@ -21,6 +21,7 @@ redisMaxConnections = 30
|
|||
|
||||
[Config]
|
||||
hmacKey = "secretkey" # random key for cryptographic signing of video urls
|
||||
nonceString = "secretstring" # random string for the Content-Security-Policy header with script-src
|
||||
base64Media = false # use base64 encoding for proxied media urls
|
||||
enableRSS = true # set this to false to disable RSS feeds
|
||||
enableDebug = false # enable request logs and debug endpoints (/.accounts)
|
||||
|
|
|
@ -35,6 +35,7 @@ proc getConfig*(path: string): (Config, parseCfg.Config) =
|
|||
|
||||
# Config
|
||||
hmacKey: cfg.get("Config", "hmacKey", "secretkey"),
|
||||
nonceString: cfg.get("Config", "nonceString", "secretstring"),
|
||||
base64Media: cfg.get("Config", "base64Media", false),
|
||||
minTokens: cfg.get("Config", "tokenCount", 10),
|
||||
enableRss: cfg.get("Config", "enableRSS", true),
|
||||
|
|
|
@ -256,6 +256,7 @@ type
|
|||
staticDir*: string
|
||||
|
||||
hmacKey*: string
|
||||
nonceString*: string
|
||||
base64Media*: bool
|
||||
minTokens*: int
|
||||
enableRss*: bool
|
||||
|
|
|
@ -73,11 +73,11 @@ proc renderHead*(prefs: Prefs; cfg: Config; req: Request; titleText=""; desc="";
|
|||
link(rel="alternate", type="application/rss+xml", href=rss, title="RSS feed")
|
||||
|
||||
if prefs.hlsPlayback:
|
||||
script(src="/js/hls.light.min.js", `defer`="")
|
||||
script(src="/js/hlsPlayback.js", `defer`="")
|
||||
script(nonce=cfg.nonceString, src="/js/hls.light.min.js", `defer`="")
|
||||
script(nonce=cfg.nonceString, src="/js/hlsPlayback.js", `defer`="")
|
||||
|
||||
if prefs.infiniteScroll:
|
||||
script(src="/js/infiniteScroll.js", `defer`="")
|
||||
script(nonce=cfg.nonceString, src="/js/infiniteScroll.js", `defer`="")
|
||||
|
||||
title:
|
||||
if titleText.len > 0:
|
||||
|
|
Loading…
Reference in a new issue