Diffstat (limited to 'cmd/gotosocial/action/server/server.go')
-rw-r--r--cmd/gotosocial/action/server/server.go23
1 files changed, 23 insertions, 0 deletions
diff --git a/cmd/gotosocial/action/server/server.go b/cmd/gotosocial/action/server/server.go
index eb76b8f43..e966c46be 100644
--- a/cmd/gotosocial/action/server/server.go
+++ b/cmd/gotosocial/action/server/server.go
@@ -204,6 +204,29 @@ var Start action.GTSAction = func(ctx context.Context) error {
middleware.ExtraHeaders(),
}...)
+ // Instantiate Content-Security-Policy
+ // middleware, with extra URIs.
+ cspExtraURIs := make([]string, 0)
+
+ // Probe storage to check if extra URI is needed in CSP.
+ // Error here means something is wrong with storage.
+ storageCSPUri, err := state.Storage.ProbeCSPUri(ctx)
+ if err != nil {
+ return fmt.Errorf("error deriving Content-Security-Policy uri from storage: %w", err)
+ }
+
+ // storageCSPUri may be empty string if
+ // not S3-backed storage; check for this.
+ if storageCSPUri != "" {
+ cspExtraURIs = append(cspExtraURIs, storageCSPUri)
+ }
+
+ // Add any extra CSP URIs from config.
+ cspExtraURIs = append(cspExtraURIs, config.GetAdvancedCSPExtraURIs()...)
+
+ // Add CSP to middlewares.
+ middlewares = append(middlewares, middleware.ContentSecurityPolicy(cspExtraURIs...))
+
// attach global middlewares which are used for every request
router.AttachGlobalMiddleware(middlewares...)
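Review bot: The values from `config.GetAdvancedCSPExtraURIs()` are appended to `cspExtraURIs` and passed to `middleware.ContentSecurityPolicy` with no validation visible in this hunk, so an entry containing `;`, whitespace or a newline could add or alter directives in the emitted header, and a bare `*` or scheme-only source such as `https:` would widen the policy well beyond one extra host. Unless the middleware or the config validation already rejects such values (neither is shown here), check each entry in a loop before the append, for example `if strings.ContainsAny(uri, "; \t\r\n") { return fmt.Errorf("invalid extra CSP uri %q", uri) }`, and consider requiring that each one parses as a URL with a scheme and host. Returning an error at startup would match how the `ProbeCSPUri` failure is already handled a few lines above. The enclosing `Start` function begins and ends outside the hunk.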