X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=app.psgi;h=a4e0c34eca7da9c880ec0ee496a8e24e2be310c9;hb=a0aa934a68a90d784546588383363bdaed2f0bfb;hp=2fcdc0058c1dd19781455ba4fcceca5ce0b8860c;hpb=ab4514a37ebc941fd4e5aca8be5bd8d110cf74ca;p=gruntmaster-page.git

diff --git a/app.psgi b/app.psgi
index 2fcdc00..a4e0c34 100644
--- a/app.psgi
+++ b/app.psgi
@@ -12,12 +12,26 @@ use Log::Log4perl;
 use Tie::Hash::Expire;
 
 use constant AUTH_TIMEOUT => 5 * 60;
-use constant ACCESSLOG_FORMAT => '%{X-Forwarded-For}i|%h %u "%r" %>s %b "%{Referer}i" "%{User-agent}i"';
-use constant CONTENT_SECURITY_POLICY => q,default-src 'none'; script-src 'self' www.google-analytics.com; style-src 'self'; img-src 'self'; connect-src 'self'; frame-src free.timeanddate.com,;
+use constant ACCESSLOG_FORMAT => '%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"';
 
-my $db = Gruntmaster::Data->connect($ENV{GRUNTMASTER_DSN} // 'dbi:Pg:');
+sub CONTENT_SECURITY_POLICY () {
+	my $csp = <<CSP;
+default-src 'none'
+connect-src 'self'
+form-action 'self'
+frame-ancestors 'none'
+img-src 'self' https://static.mindcoding.ro https://www.google-analytics.com/collect
+referrer origin-when-cross-origin
+script-src https://static.mindcoding.ro/js.js https://www.google-analytics.com/analytics.js
+style-src https://static.mindcoding.ro/css/
+CSP
+	chomp $csp;
+	$csp =~ s/\n/; /gr;
+}
+
+our $db //= Gruntmaster::Data->connect($ENV{GRUNTMASTER_DSN} // 'dbi:Pg:');
 
-tie my %auth, 'Tie::Hash::Expire', {expire_seconds => 300};
+tie my %auth, 'Tie::Hash::Expire', {expire_seconds => AUTH_TIMEOUT};
 
 sub authenticate {
 	my ($user, $pass, $env) = @_;
@@ -40,7 +54,7 @@ sub add_headers {
 	}
 }
 
-Log::Log4perl->init('log.conf');
+Log::Log4perl->init_once('log.conf');
 my $access_logger = Log::Log4perl->get_logger('access');
 $ENV{DBIC_NULLABLE_KEY_NOWARN} = 1;