diff options
author | Claire <claire.github-309c@sitedethib.com> | 2021-04-20 12:17:14 +0200 |
---|---|---|
committer | Claire <claire.github-309c@sitedethib.com> | 2021-04-20 12:17:14 +0200 |
commit | e2a2bc90213a653b772b457499cedbfe2e830d74 (patch) | |
tree | c97643e3977ce9110fdf081ed3f3a70ae1a4457f /config/environments | |
parent | df326b8b5c0659edb2aca77690a892f228b0e099 (diff) | |
parent | b5ac17c4b6bfa85494fd768bbf1af87ca79b622b (diff) |
Merge branch 'main' into glitch-soc/merge-upstream
Conflicts: - `README.md`: Upstream updated copyright year, we don't mention it so kept our version. - `app/controllers/admin/dashboard_controller.rb`: Not really a conflict, upstream change (removing the spam checker) too close to glitch-soc changes. Ported upstream changes. - `app/models/form/admin_settings.rb`: Same. - `app/services/remove_status_service.rb`: Same. - `app/views/admin/settings/edit.html.haml`: Same. - `config/settings.yml`: Same. - `config/environments/production.rb`: Not a real conflict, upstream added a default HTTP header, but we have extra headers in glitch-soc. Added the header.
Diffstat (limited to 'config/environments')
-rw-r--r-- | config/environments/production.rb | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/config/environments/production.rb b/config/environments/production.rb index 8d811451c..bf6b5d88e 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -90,9 +90,12 @@ Rails.application.configure do config.action_mailer.perform_caching = false # E-mails + outgoing_email_address = ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost') + outgoing_mail_domain = Mail::Address.new(outgoing_email_address).domain config.action_mailer.default_options = { - from: ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost'), - reply_to: ENV['SMTP_REPLY_TO'] + from: outgoing_email_address, + reply_to: ENV['SMTP_REPLY_TO'], + 'Message-ID': -> { "<#{Mail.random_tag}@#{outgoing_mail_domain}>" }, } config.action_mailer.smtp_settings = { @@ -116,10 +119,10 @@ Rails.application.configure do 'X-Frame-Options' => 'DENY', 'X-Content-Type-Options' => 'nosniff', 'X-XSS-Protection' => '1; mode=block', + 'Permissions-Policy' => 'interest-cohort=()', 'Referrer-Policy' => 'same-origin', 'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload', 'X-Clacks-Overhead' => 'GNU Natalie Nguyen' - } config.x.otp_secret = ENV.fetch('OTP_SECRET') |