csp plug: add support for certificate transparency

author: William Pitcock <nenolod@dereferenced.org> 2018-11-11 06:53:42 +0000
committer: William Pitcock <nenolod@dereferenced.org> 2018-11-11 06:55:44 +0000
commit: df72978dce3805157537e8fa1a2fec35fcf9a7cd (patch)
tree: 52e22261d014168d4fd94cb59d4af2a1ab1cc986 /lib
parent: 331cf6ada1e4df51b366c79126e094ee335dd684 (diff)
download: pleroma-df72978dce3805157537e8fa1a2fec35fcf9a7cd.tar.gz
pleroma-df72978dce3805157537e8fa1a2fec35fcf9a7cd.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/pleroma/plugs/csp_plug.ex b/lib/pleroma/plugs/csp_plug.ex
index 56f2376ee..8fc21b909 100644
--- a/lib/pleroma/plugs/csp_plug.ex
+++ b/lib/pleroma/plugs/csp_plug.ex
@@ -44,10 +44,12 @@ defmodule Pleroma.Plugs.CSPPlug do
   end
 
   defp maybe_send_sts_header(conn, true) do
-    max_age = Config.get([:csp, :sts_max_age])
+    max_age_sts = Config.get([:csp, :sts_max_age])
+    max_age_ct = Config.get([:csp, :ct_max_age])
 
     merge_resp_headers(conn, [
-      {"strict-transport-security", "max-age=#{max_age}; includeSubDomains"}
+      {"strict-transport-security", "max-age=#{max_age_sts}; includeSubDomains"},
+      {"expect-ct", "enforce, max-age=#{max_age_ct}"}
     ])
   end
author	William Pitcock <nenolod@dereferenced.org>	2018-11-11 06:53:42 +0000
committer	William Pitcock <nenolod@dereferenced.org>	2018-11-11 06:55:44 +0000
commit	df72978dce3805157537e8fa1a2fec35fcf9a7cd (patch)
tree	52e22261d014168d4fd94cb59d4af2a1ab1cc986 /lib
parent	331cf6ada1e4df51b366c79126e094ee335dd684 (diff)
download	pleroma-df72978dce3805157537e8fa1a2fec35fcf9a7cd.tar.gz pleroma-df72978dce3805157537e8fa1a2fec35fcf9a7cd.zip