mirror of
https://git.pleroma.social/pleroma/pleroma.git
synced 2024-12-23 00:26:30 +00:00
config: add default parameters for CSPPlug
This commit is contained in:
parent
057a9017b3
commit
69f5dfcfb3
2 changed files with 10 additions and 0 deletions
|
@ -176,6 +176,11 @@ config :pleroma, :suggestions,
|
||||||
limit: 23,
|
limit: 23,
|
||||||
web: "https://vinayaka.distsn.org/?{{host}}+{{user}}"
|
web: "https://vinayaka.distsn.org/?{{host}}+{{user}}"
|
||||||
|
|
||||||
|
config :pleroma, :csp,
|
||||||
|
enabled: true,
|
||||||
|
sts: false,
|
||||||
|
sts_max_age: 31_536_000
|
||||||
|
|
||||||
config :cors_plug,
|
config :cors_plug,
|
||||||
max_age: 86_400,
|
max_age: 86_400,
|
||||||
methods: ["POST", "PUT", "DELETE", "GET", "PATCH", "OPTIONS"],
|
methods: ["POST", "PUT", "DELETE", "GET", "PATCH", "OPTIONS"],
|
||||||
|
|
|
@ -80,3 +80,8 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
|
||||||
* ``unfollow_blocked``: Whether blocks result in people getting unfollowed
|
* ``unfollow_blocked``: Whether blocks result in people getting unfollowed
|
||||||
* ``outgoing_blocks``: Whether to federate blocks to other instances
|
* ``outgoing_blocks``: Whether to federate blocks to other instances
|
||||||
* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question
|
* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question
|
||||||
|
|
||||||
|
## :csp
|
||||||
|
* ``enabled``: Whether the managed content security policy is enabled
|
||||||
|
* ``sts``: Whether to additionally send a `Strict-Transport-Security` header
|
||||||
|
* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent
|
||||||
|
|
Loading…
Reference in a new issue