-#!/usr/bin/perl -w
+#!/usr/bin/perl
use v5.14;
-no if $] >= 5.017011, warnings => 'experimental::smartmatch';
+use warnings;
use Gruntmaster::Data;
use Plack::App::Gruntmaster;
use Plack::Util;
use Log::Log4perl;
-use constant AUTH_TIMEOUT => 5 * 60;
-use constant ACCESSLOG_FORMAT => '%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"';
-
sub CONTENT_SECURITY_POLICY () {
my $csp = <<CSP;
default-src 'none'
connect-src 'self'
form-action 'self'
frame-ancestors 'none'
-img-src 'self' https://static.mindcoding.ro www.google-analytics.com
+img-src 'self' https://static.mindcoding.ro
referrer origin-when-cross-origin
-script-src https://static.mindcoding.ro/static/js.js https://www.google-analytics.com/analytics.js
-style-src https://static.mindcoding.ro/static/css/
+script-src 'self'
+style-src 'self'
CSP
chomp $csp;
$csp =~ s/\n/; /gr;
}
Log::Log4perl->init_once('log.conf');
-my $access_logger = Log::Log4perl->get_logger('access');
$ENV{DBIC_NULLABLE_KEY_NOWARN} = 1;
builder {
enable_if { $_[0]->{PATH_INFO} eq '/ok' } sub { sub{ [200, [], []] }};
- enable 'AccessLog', format => ACCESSLOG_FORMAT, logger => sub { $access_logger->info(@_) };
enable 'ContentLength';
enable \&add_headers;
enable 'Static', path => qr,^/static/,;