chinwag/chinwagsocial
chinwag/chinwagsocial
2
0
Fork 0
Code Issues Pull requests Releases 14 Wiki Activity

Add EXTRA_MEDIA_HOSTS environment variable to add extra hosts to Content-Security-Policy (#34184)

Browse source 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
This commit is contained in:
Shlee 2025-03-26 18:12:15 +10:30 committed by GitHub
commit 803a8be998
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.env.production.sample
View file

@ -79,6 +79,9 @@ AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
S3_ALIAS_HOST=files.example.com
# Optional list of hosts that are allowed to serve media for your instance
# EXTRA_MEDIA_HOSTS=https://data.example1.com,https://data.example2.com
# IP and session retention
# -----------------------
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml

6
app/lib/content_security_policy.rb
View file

@ -10,7 +10,7 @@ class ContentSecurityPolicy
end
def media_hosts
[assets_host, cdn_host_value, paperclip_root_url].compact
[assets_host, cdn_host_value, paperclip_root_url].concat(extra_media_hosts).compact
end
def sso_host
@ -31,6 +31,10 @@ class ContentSecurityPolicy
private
def extra_media_hosts
ENV.fetch('EXTRA_MEDIA_HOSTS', '').split(/(?:\s*,\s*|\s+)/)
end
def url_from_configured_asset_host
Rails.configuration.action_controller.asset_host
end