[feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs (#2134)

* [feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs * env parsing tests, my coy mistress
2025-10-29 03:22:24 -05:00 · 2023-08-20 13:35:55 +02:00 · 2023-08-20 13:35:55 +02:00 · 1e2db7a32f
commit 1e2db7a32f
parent 92de8fb396
13 changed files with 343 additions and 110 deletions
--- a/example/config.yaml
+++ b/example/config.yaml
@ -903,3 +903,21 @@ advanced-throttling-retry-after: "30s"
 # 2 cpu = 1 concurrent sender
 # 4 cpu = 1 concurrent sender
 advanced-sender-multiplier: 2
+
+# Array of string. Extra URIs to add to 'img-src' and 'media-src'
+# when building the Content-Security-Policy header for your instance.
+#
+# This can be used to allow the browser to load resources from additional
+# sources like S3 buckets and so on when viewing your instance's pages
+# and profiles in the browser.
+#
+# Since non-proxying S3 storage will be probed on instance launch to
+# generate a correct Content-Security-Policy, you probably won't need
+# to ever touch this setting, but it's included in the 'spirit of more
+# configurable (usually) means more good'.
+# 
+# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
+#
+# Example: ["s3.example.org", "some-bucket-name.s3.example.org"]
+# Default: []
+advanced-csp-extra-uris: []