Fix permission for reddit

config/default.json

@@ -4,16 +4,16 @@
   "helmet": {
     "directives": {
       "childSrc": "'self' 3speak.online emb.d.tube player.twitch.tv www.youtube.com staticxx.facebook.com w.soundcloud.com player.vimeo.com",
-      "connectSrc": "https://images.hive.blog 'self' hive.blog https://api.hive.blog api.blocktrades.us https://anyx.io https://hivesigner.com https://hivebuzz.me https://peakd.com https://api.deathwing.me",
+      "connectSrc": "https://images.hive.blog 'self' hive.blog https://api.hive.blog api.blocktrades.us https://anyx.io https://hivesigner.com https://hivebuzz.me https://peakd.com https://api.deathwing.me https://www.reddit.com",
       "defaultSrc": "tpc.googlesyndication.com 'self' img.3speakcontent.online emb.d.tube www.youtube.com staticxx.facebook.com player.vimeo.com *.streamrail.com",
-      "fontSrc": "data: fonts.gstatic.com",
+      "fontSrc": "data: fonts.gstatic.com cdn.embedly.com",
       "frameAncestors": "'none'",
       "frameSrc": "'self' https:",
       "imgSrc": "* data:",
       "objectSrc": "'none'",
       "pluginTypes": "application/pdf",
       "scriptSrc": "'unsafe-inline' 'unsafe-eval' data: https: 'self' www.google-analytics.com connect.facebook.net",
-      "styleSrc": "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com",
+      "styleSrc": "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com",
       "reportUri": "/api/v1/csp_violation"
     },
     "reportOnly": false,

docker-compose.dev.yml

@@ -19,8 +19,9 @@ services:
 
             SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
             SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
-            SDC_HELMET_CONNECTSRC: "'self' http://hiveblog.local https://api.hive.blog https://images.hive.blog"
-            SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+            SDC_HELMET_CONNECTSRC: "'self' http://hiveblog.local https://api.hive.blog https://images.hive.blog https://www.reddit.com"
+            SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+            SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
         volumes:
             - ./yarn.lock:/var/app/yarn.lock
             - ./package.json:/var/app/package.json

docker-compose.localbuild.yml

@@ -11,8 +11,9 @@ services:
             SDC_SITE_DOMAIN: hive.blog
             SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
             SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
-            SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://api.hive.blog https://anyx.io api.blocktrades.us https://images.hive.blog https://hivebuzz.me https://peakd.com"
-            SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+            SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://api.hive.blog https://anyx.io api.blocktrades.us https://images.hive.blog https://hivebuzz.me https://peakd.com https://www.reddit.com"
+            SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+            SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
             WALLET_URL: https://wallet.hive.blog
         networks:
             - reverse-proxy

docker-compose.prod.yml

@@ -30,8 +30,9 @@ services:
             SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
             SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
             SDC_ALT_API_ENDPOINTS: "https://api.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com"
-            SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://images.hive.blog https://api.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com"
-            SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+            SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://images.hive.blog https://api.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com https://www.reddit.com"
+            SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+            SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
             WALLET_URL: https://wallet.hive.blog
         networks:
             - reverse-proxy

docker-compose.staging.yml

@@ -13,8 +13,9 @@ services:
          SDC_SITE_DOMAIN: staging-blog.hive.io
          SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
          SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
-         SDC_HELMET_CONNECTSRC: "'self' https://api.hive.blog https://staging.hive.blog https://images.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com"
-         SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+         SDC_HELMET_CONNECTSRC: "'self' https://api.hive.blog https://staging.hive.blog https://images.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com https://www.reddit.com"
+         SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+         SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
          WALLET_URL: https://wallet.hive.blog
      networks:
          - reverse-proxy