1
0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-22 19:02:54 +01:00

Update CSP for DuckDuckGo email forwarding

Upstream PR: https://github.com/bitwarden/clients/pull/3630
This commit is contained in:
Jeremy Lin 2022-10-11 21:27:15 -07:00 committed by Daniel García
parent 4283a49e0b
commit 46ec11de12
No known key found for this signature in database
GPG Key ID: FC8A7D14C3CD543A

View File

@ -60,7 +60,7 @@ impl Fairing for AppHeaders {
// Leaked Passwords check: api.pwnedpasswords.com
// 2FA/MFA Site check: 2fa.directory
// # Mail Relay: https://bitwarden.com/blog/add-privacy-and-security-using-email-aliases-with-bitwarden/
// app.simplelogin.io, app.anonaddy.com, api.fastmail.com
// app.simplelogin.io, app.anonaddy.com, api.fastmail.com, quack.duckduckgo.com
let csp = format!(
"default-src 'self'; \
object-src 'self' blob:; \
@ -83,6 +83,7 @@ impl Fairing for AppHeaders {
https://app.simplelogin.io/api/ \
https://app.anonaddy.com/api/ \
https://api.fastmail.com/ \
https://quack.duckduckgo.com/api/email/ \
;\
",
icon_service_csp = CONFIG._icon_service_csp(),