Mercurial Mercurial > prosody > prosody-modules / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2/mod_http_oauth2.lua
changeset 5551 d4a2997deae9
parent 5548 cb141088eff0
child 5552 fd3c12c40cd9 
--- a/mod_http_oauth2/mod_http_oauth2.lua	Sun Jun 11 14:03:27 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Sun Jun 11 14:06:28 2023 +0200
@@ -72,6 +72,8 @@
 
 local site_name = module:get_option_string("site_name", module.host);
 
+local security_policy = module:get_option_string("oauth2_security_policy", "default-src 'self'");
+
 local render_html = require"util.interpolation".new("%b{}", st.xml_escape);
 local function render_page(template, data, sensitive)
 	data = data or {};
@@ -80,7 +82,7 @@
 		status_code = data.error and data.error.code or 200;
 		headers = {
 			["Content-Type"] = "text/html; charset=utf-8";
-			["Content-Security-Policy"] = "default-src 'self'";
+			["Content-Security-Policy"] = security_policy;
 			["Referrer-Policy"] = "no-referrer";
 			["X-Frame-Options"] = "DENY";
 			["Cache-Control"] = (sensitive and "no-store" or "no-cache")..", private";
prosody-modules