cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow trace image URL to be configured in the CSP policy

Browse source
This commit is contained in:
Tom Hughes 2022-02-13 19:25:42 +00:00
parent 53aa7259bb
commit 1612ea75c5
4 changed files with 16 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/environments/production.rb
View file

@ -39,7 +39,7 @@ Rails.application.configure do
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# Store uploaded files on the local file system (see config/storage.yml for options). # Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = Settings.storage_service.to_sym config.active_storage.service = :local
# Mount Action Cable outside main process or domain. # Mount Action Cable outside main process or domain.
# config.action_cable.mount_path = nil # config.action_cable.mount_path = nil

5
config/initializers/config.rb
View file

@ -77,6 +77,9 @@ Config.setup do |config|
required(:api_timeout).filled(:int?) required(:api_timeout).filled(:int?)
required(:imagery_blacklist).maybe(:array?) required(:imagery_blacklist).maybe(:array?)
required(:status).filled(:str?, :included_in? => ALLOWED_STATUS) required(:status).filled(:str?, :included_in? => ALLOWED_STATUS)
required(:storage_service).filled(:str?) required(:avatar_storage).filled(:str?)
required(:trace_file_storage).filled(:str?)
required(:trace_image_storage).filled(:str?)
required(:trace_icon_storage).filled(:str?)
end end
end end

3
config/initializers/secure_headers.rb
View file

@ -22,7 +22,8 @@ csp_policy[:connect_src] << PIWIK["location"] if defined?(PIWIK)
csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK) csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK)
csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK) csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK)
csp_policy[:img_src] << Settings.storage_url if Settings.key?(:storage_url) csp_policy[:img_src] << Settings.avatar_storage_url if Settings.key?(:avatar_storage_url)
csp_policy[:img_src] << Settings.trace_image_storage_url if Settings.key?(:trace_image_storage_url)
csp_policy[:report_uri] << Settings.csp_report_url if Settings.key?(:csp_report_url) csp_policy[:report_uri] << Settings.csp_report_url if Settings.key?(:csp_report_url)

18
config/settings.yml
View file

@ -118,10 +118,15 @@ fossgis_osrm_url: "https://routing.openstreetmap.de/"
csp_enforce: false csp_enforce: false
# URL for reporting Content-Security-Policy violations # URL for reporting Content-Security-Policy violations
#csp_report_url: "" #csp_report_url: ""
# Storage service to use in production mode # Storage services to use in production mode
storage_service: "local" avatar_storage: "local"
# Root URL for storage service trace_file_storage: "local"
# storage_url: trace_image_storage: "local"
trace_icon_storage: "local"
# Root URL for storage services
# avatar_storage_url:
# trace_image_storage_url:
# trace_icon_storage_url:
# URL for tile CDN # URL for tile CDN
#tile_cdn_url: "" #tile_cdn_url: ""
# SMTP settings for outbound mail # SMTP settings for outbound mail
@ -132,8 +137,3 @@ smtp_enable_starttls_auto: false
smtp_authentication: null smtp_authentication: null
smtp_user_name: null smtp_user_name: null
smtp_password: null smtp_password: null
# Storage services
avatar_storage: "local"
trace_file_storage: "local"
trace_image_storage: "local"
trace_icon_storage: "local"