fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory - vw_small

commit 6607faa390c7c76ccc9e74a7e532c37a7a303f1e
parent 6fcf18ab5132a2e3c0ddb725f1e6fb3f3bb91c15
Author: GeekCorner <45696571+GeekCornerGH@users.noreply.github.com>
Date:   Tue, 10 Jan 2023 09:41:35 +0100

fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory
Diffstat:
M src/util.rs  | 4 ++--

1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/util.rs b/src/util.rs
@@ -50,7 +50,7 @@ impl Fairing for AppHeaders {
             // Have I Been Pwned and Gravator to allow those calls to work.
             // # Connect src:
             // Leaked Passwords check: api.pwnedpasswords.com
-            // 2FA/MFA Site check: 2fa.directory
+            // 2FA/MFA Site check: api.2fa.directory
             // # Mail Relay: https://bitwarden.com/blog/add-privacy-and-security-using-email-aliases-with-bitwarden/
             // app.simplelogin.io, app.anonaddy.com, api.fastmail.com, quack.duckduckgo.com
             let csp = format!(
@@ -73,7 +73,7 @@ impl Fairing for AppHeaders {
                   {icon_service_csp}; \
                 connect-src 'self' \
                   https://api.pwnedpasswords.com \
-                  https://2fa.directory \
+                  https://api.2fa.directory \
                   https://app.simplelogin.io/api/ \
                   https://app.anonaddy.com/api/ \
                   https://api.fastmail.com/ \

	vw_small Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
	git clone https://git.philomathiclife.com/repos/vw_small
	Log \| Files \| Refs \| README