Bitwarden allows to use self-hosted forwarded email services.
But for this to work you need to add custom URL's to the `connect-src` CSP entry.
This commit allows setting this and checks if the URL starts with `https://` else it will abort loading.
Fixes#5290
Signed-off-by: BlackDex <black.dex@gmail.com>
// Besides Pass, only String types will be masked via _privacy_mask.
// Besides Pass, only String types will be masked via _privacy_mask.
constPRIVACY_CONFIG: &[&str]=&[
constPRIVACY_CONFIG: &[&str]=&[
"allowed_iframe_ancestors",
"allowed_iframe_ancestors",
"allowed_connect_src",
"database_url",
"database_url",
"domain_origin",
"domain_origin",
"domain_path",
"domain_path",
@ -610,6 +611,9 @@ make_config! {
/// Allowed iframe ancestors (Know the risks!) |> Allows other domains to embed the web vault into an iframe, useful for embedding into secure intranets
/// Allowed iframe ancestors (Know the risks!) |> Allows other domains to embed the web vault into an iframe, useful for embedding into secure intranets
/// Allowed connect-src (Know the risks!) |> Allows other domains to URLs which can be loaded using script interfaces like the Forwarded email alias feature
/// Seconds between login requests |> Number of seconds, on average, between login and 2FA requests from the same IP address before rate limiting kicks in
/// Seconds between login requests |> Number of seconds, on average, between login and 2FA requests from the same IP address before rate limiting kicks in
login_ratelimit_seconds: u64,false,def,60;
login_ratelimit_seconds: u64,false,def,60;
/// Max burst size for login requests |> Allow a burst of requests of up to this size, while maintaining the average indicated by `login_ratelimit_seconds`. Note that this applies to both the login and the 2FA, so it's recommended to allow a burst size of at least 2
/// Max burst size for login requests |> Allow a burst of requests of up to this size, while maintaining the average indicated by `login_ratelimit_seconds`. Note that this applies to both the login and the 2FA, so it's recommended to allow a burst size of at least 2