author | Mathijs van Veluw <[email protected]> | 2024-12-15 00:27:20 +0100 |
---|---|---|
committer | GitHub <[email protected]> | 2024-12-15 00:27:20 +0100 |
commit | 4d6d3443aef8fd749436151fcff332e9fefa263f (patch) | |
tree | cae5fb0e78ac3d9adbbbf3e045a3bdf61e96881c /src/util.rs | |
parent | 9cd400db6c5da858a4f49eb883469cbd6cb7337d (diff) | |
download | vaultwarden-4d6d3443aef8fd749436151fcff332e9fefa263f.tar.gz vaultwarden-4d6d3443aef8fd749436151fcff332e9fefa263f.zip |
Allow adding connect-src entries (#5293)
Bitwarden allows using self-hosted forwarded email services.
But for this to work you need to add custom URLs to the `connect-src` CSP entry.
This commit allows setting this and checks if the URL starts with `https://`, else it will abort loading.
Fixes #5290
Signed-off-by: BlackDex <[email protected]>
Diffstat (limited to 'src/util.rs')
-rw-r--r-- | src/util.rs | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/util.rs b/src/util.rs index 88f0b23d..8c4efca8 100644 --- a/src/util.rs +++ b/src/util.rs @@ -98,10 +98,11 @@ impl Fairing for AppHeaders { https://app.addy.io/api/ \ https://api.fastmail.com/ \ https://api.forwardemail.net \ - ;\ + {allowed_connect_src};\ ", icon_service_csp = CONFIG._icon_service_csp(), - allowed_iframe_ancestors = CONFIG.allowed_iframe_ancestors() + allowed_iframe_ancestors = CONFIG.allowed_iframe_ancestors(), + allowed_connect_src = CONFIG.allowed_connect_src(), ); res.set_raw_header("Content-Security-Policy", csp); res.set_raw_header("X-Frame-Options", "SAMEORIGIN"); |
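Review bot: `{allowed_connect_src}` is spliced straight into the `connect-src` directive of the CSP format string, just before the closing `;`, and nothing in this hunk constrains what `CONFIG.allowed_connect_src()` may contain. The commit message says the value is checked to start with `https://`, but that check is not part of the src/util.rs change shown here, so from this hunk it cannot be confirmed that a value containing `;`, a line break, or a second entry without the `https://` prefix is rejected. A `;` in the value would end `connect-src` and begin a new directive in the header passed to `res.set_raw_header("Content-Security-Policy", csp)`. Suggest that the config validation reject `;` and control characters and apply the scheme check to every whitespace-separated entry rather than only to the start of the string, and that the option's documentation state the expected format (space-separated `https://` origins) and that each entry widens where the web vault may connect.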