From e9a28078ad969204faae600df3ddff8e75ed2f8a Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@FreeBSD.org>
Date: Fri, 3 Jul 2020 17:18:22 -0500
Subject: [PATCH] Rename function and clarify that CSP is only strict with
 MediaProxy enabled

---
 lib/pleroma/plugs/http_security_plug.ex | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index f7192ebfc..23a641faf 100644
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -69,10 +69,11 @@ defp csp_string do
     img_src = "img-src 'self' data: blob:"
     media_src = "media-src 'self'"
 
+    # Strict multimedia CSP enforcement only when MediaProxy is enabled
     {img_src, media_src} =
       if Config.get([:media_proxy, :enabled]) &&
            !Config.get([:media_proxy, :proxy_opts, :redirect_on_failure]) do
-        sources = get_proxy_and_attachment_sources()
+        sources = build_csp_multimedia_source_list()
         {[img_src, sources], [media_src, sources]}
       else
         {[img_src, " https:"], [media_src, " https:"]}
@@ -107,7 +108,7 @@ defp csp_string do
     |> :erlang.iolist_to_binary()
   end
 
-  defp get_proxy_and_attachment_sources do
+  defp build_csp_multimedia_source_list do
     media_proxy_whitelist =
       Enum.reduce(Config.get([:media_proxy, :whitelist]), [], fn host, acc ->
         add_source(acc, host)