rename CSPPlug to HTTPSecurityPlug.

fe67665e · kaniini · 5dda13ee · fe67665e · fe67665e · fe67665e
Commit fe67665e authored 6 years ago by kaniini
--- a/config/config.exs
+++ b/config/config.exs
@@ -176,7 +176,7 @@ config :pleroma, :suggestions,
  limit: 23,
  web: "https://vinayaka.distsn.org/?{{host}}+{{user}}"

-config :pleroma, :csp,
+config :pleroma, :http_security,
  enabled: true,
  sts: false,
  sts_max_age: 31_536_000,

--- a/config/config.md
+++ b/config/config.md
@@ -81,7 +81,7 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
 * ``outgoing_blocks``: Whether to federate blocks to other instances
 * ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question

-## :csp
+## :http_security
 * ``enabled``: Whether the managed content security policy is enabled
 * ``sts``: Whether to additionally send a `Strict-Transport-Security` header
 * ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent

--- a/lib/pleroma/plugs/csp_plug.ex
+++ b/lib/pleroma/plugs/csp_plug.ex
-defmodule Pleroma.Plugs.CSPPlug do
+defmodule Pleroma.Plugs.HTTPSecurityPlug do
  alias Pleroma.Config
  import Plug.Conn

  def init(opts), do: opts

  def call(conn, options) do
-    if Config.get([:csp, :enabled]) do
+    if Config.get([:http_security, :enabled]) do
      conn =
        merge_resp_headers(conn, headers())
-        |> maybe_send_sts_header(Config.get([:csp, :sts]))
+        |> maybe_send_sts_header(Config.get([:http_security, :sts]))
    else
      conn
    end
@@ -44,8 +44,8 @@ defmodule Pleroma.Plugs.CSPPlug do
  end

  defp maybe_send_sts_header(conn, true) do
-    max_age_sts = Config.get([:csp, :sts_max_age])
-    max_age_ct = Config.get([:csp, :ct_max_age])
+    max_age_sts = Config.get([:http_security, :sts_max_age])
+    max_age_ct = Config.get([:http_security, :ct_max_age])

    merge_resp_headers(conn, [
      {"strict-transport-security", "max-age=#{max_age_sts}; includeSubDomains"},

--- a/lib/pleroma/web/endpoint.ex
+++ b/lib/pleroma/web/endpoint.ex
@@ -12,7 +12,7 @@ defmodule Pleroma.Web.Endpoint do
  # You should set gzip to true if you are running phoenix.digest
  # when deploying your static files in production.
  plug(CORSPlug)
-  plug(Pleroma.Plugs.CSPPlug)
+  plug(Pleroma.Plugs.HTTPSecurityPlug)

  plug(Plug.Static, at: "/media", from: Pleroma.Uploaders.Local.upload_path(), gzip: false)


--- a/test/plugs/csp_plug_test.exs
+++ b/test/plugs/csp_plug_test.exs
-defmodule Pleroma.Web.Plugs.CSPPlugTest do
+defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
  use Pleroma.Web.ConnCase
  alias Pleroma.Config
  alias Plug.Conn

  test "it sends CSP headers when enabled", %{conn: conn} do
-    Config.put([:csp, :enabled], true)
+    Config.put([:http_security, :enabled], true)

    conn =
      conn
@@ -20,7 +20,7 @@ defmodule Pleroma.Web.Plugs.CSPPlugTest do
  end

  test "it does not send CSP headers when disabled", %{conn: conn} do
-    Config.put([:csp, :enabled], false)
+    Config.put([:http_security, :enabled], false)

    conn =
      conn
@@ -36,8 +36,8 @@ defmodule Pleroma.Web.Plugs.CSPPlugTest do
  end

  test "it sends STS headers when enabled", %{conn: conn} do
-    Config.put([:csp, :enabled], true)
-    Config.put([:csp, :sts], true)
+    Config.put([:http_security, :enabled], true)
+    Config.put([:http_security, :sts], true)

    conn =
      conn
@@ -48,8 +48,8 @@ defmodule Pleroma.Web.Plugs.CSPPlugTest do
  end

  test "it does not send STS headers when disabled", %{conn: conn} do
-    Config.put([:csp, :enabled], true)
-    Config.put([:csp, :sts], false)
+    Config.put([:http_security, :enabled], true)
+    Config.put([:http_security, :sts], false)

    conn =
      conn