fix missing scheme on meta elements

move scheme logic
2025-12-29 02:51:25 +00:00 · 2025-04-03 00:34:50 -03:00
parent ce052103e7
commit e3d60a0517
4 changed files with 17 additions and 13 deletions
--- a/src/invidious/routes/before_all.cr
+++ b/src/invidious/routes/before_all.cr
@@ -67,9 +67,11 @@ module Invidious::Routes::BeforeAll
      frame_ancestors = "'none'"
    end

+    scheme = env.request.headers["X-Forwarded-Proto"]? || ("https" if CONFIG.https_only) || "http"
+    env.set "scheme", scheme
+
    # TODO: Remove style-src's 'unsafe-inline', requires to remove all
    # inline styles (<style> [..] </style>, style=" [..] ")
-    scheme = env.request.headers["X-Forwarded-Proto"]? || ("https" if CONFIG.https_only) || "http"
    env.response.headers["Content-Security-Policy"] = {
      "default-src 'none'",
      "script-src 'self'",