diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/config/index.js | 2 | ||||
-rw-r--r-- | lib/csp.js | 4 | ||||
-rw-r--r-- | lib/web/imageRouter/filesystem.js | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/lib/config/index.js b/lib/config/index.js index b8480966..cbe6c39c 100644 --- a/lib/config/index.js +++ b/lib/config/index.js @@ -165,7 +165,7 @@ if (config.sessionSecret === 'secret') { // Validate upload upload providers if (['filesystem', 's3', 'minio', 'imgur', 'azure'].indexOf(config.imageUploadType) === -1) { - logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio", "azure" or "imgur". Defaulting to "imgur"') + logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio", "azure" or "imgur". Defaulting to "filesystem"') config.imageUploadType = 'filesystem' } @@ -23,7 +23,7 @@ var cdnDirectives = { } var disqusDirectives = { - scriptSrc: ['https://*.disqus.com', 'https://*.disquscdn.com'], + scriptSrc: ['https://disqus.com', 'https://*.disqus.com', 'https://*.disquscdn.com'], styleSrc: ['https://*.disquscdn.com'], fontSrc: ['https://*.disquscdn.com'] } @@ -71,7 +71,7 @@ function addInlineScriptExceptions (directives) { directives.scriptSrc.push(getCspNonce) // TODO: This is the SHA-256 hash of the inline script in build/reveal.js/plugins/notes/notes.html // Any more clean solution appreciated. - directives.scriptSrc.push('\'sha256-L0TsyAQLAc0koby5DCbFAwFfRs9ZxesA+4xg0QDSrdI=\'') + directives.scriptSrc.push('\'sha256-Lc+VnBdinzYTTAkFrIoUqdoA9EQFeS1AF9ybmF+LLfM=\'') } function getCspNonce (req, res) { diff --git a/lib/web/imageRouter/filesystem.js b/lib/web/imageRouter/filesystem.js index a2f8700d..7c876d66 100644 --- a/lib/web/imageRouter/filesystem.js +++ b/lib/web/imageRouter/filesystem.js @@ -1,5 +1,5 @@ 'use strict' -const url = require('url') +const URL = require('url').URL const path = require('path') const config = require('../../config') @@ -16,5 +16,5 @@ exports.uploadImage = function (imagePath, callback) { return } - callback(null, url.URL.resolve(config.serverURL + '/uploads/', path.basename(imagePath))) + callback(null, (new URL(path.basename(imagePath), config.serverURL + '/uploads/')).href) } |