From 6a78cace52c654d6e02620bb65de6e26f0718b1b Mon Sep 17 00:00:00 2001
From: OniriCorpe <oniricorpe@disroot.org>
Date: Fri, 25 Aug 2023 16:52:18 +0200
Subject: [PATCH] add: advanced-csp-extra-uri

---
 conf/config.yaml | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/conf/config.yaml b/conf/config.yaml
index 08678b2..5cbc7b0 100644
--- a/conf/config.yaml
+++ b/conf/config.yaml
@@ -903,4 +903,22 @@ advanced-throttling-retry-after: "30s"
 # 1 cpu = 1 concurrent sender
 # 2 cpu = 1 concurrent sender
 # 4 cpu = 1 concurrent sender
-advanced-sender-multiplier: 2
\ No newline at end of file
+advanced-sender-multiplier: 2
+
+# Array of string. Extra URIs to add to 'img-src' and 'media-src'
+# when building the Content-Security-Policy header for your instance.
+#
+# This can be used to allow the browser to load resources from additional
+# sources like S3 buckets and so on when viewing your instance's pages
+# and profiles in the browser.
+#
+# Since non-proxying S3 storage will be probed on instance launch to
+# generate a correct Content-Security-Policy, you probably won't need
+# to ever touch this setting, but it's included in the 'spirit of more
+# configurable (usually) means more good'.
+# 
+# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
+#
+# Example: ["s3.example.org", "some-bucket-name.s3.example.org"]
+# Default: []
+advanced-csp-extra-uris: []
\ No newline at end of file