Riot web doesn't like content security

2017-05-10 12:59:31 +01:00 · 2017-05-10 12:59:31 +01:00 · 38e085fc18
parent fe7fa4254f
commit 38e085fc18
1 changed files with 4 additions and 0 deletions
--- a/src/freedombone-app-riot
+++ b/src/freedombone-app-riot
@ -227,6 +227,7 @@ function install_riot {
    sed -i "s|\"integrations_ui_url\":.*|\"integrations_ui_url\": \"https://${MATRIX_DOMAIN_NAME}/\",|g" config.json
    sed -i "s|\"integrations_rest_url\":.*|\"integrations_rest_url\": \"https://${MATRIX_DOMAIN_NAME}/api\",|g" config.json
    sed -i "s|\"bug_report_endpoint_url\":.*|\"bug_report_endpoint_url\": \"https://${MATRIX_DOMAIN_NAME}/bugs\",|g" config.json
+    sed -i "/\"servers\":/a \"matrix.freedombone.net\"," config.json

    RIOT_ONION_HOSTNAME=$(add_onion_service riot 80 ${RIOT_ONION_PORT})

@ -292,6 +293,9 @@ function install_riot {
    nginx_keybase ${RIOT_DOMAIN_NAME}
    echo '}' >> $riot_nginx_site

+    sed '/Content-Security-Policy/d' $riot_nginx_site
+    sed -i 's| DENY;| SAMEORIGIN;|g' $riot_nginx_site
+
    function_check create_site_certificate
    if [ ! -f /etc/ssl/certs/${RIOT_DOMAIN_NAME}.pem ]; then
        create_site_certificate $RIOT_DOMAIN_NAME 'yes'