diff --git a/deployment/Caddyfile b/deployment/Caddyfile
index 00f8355..e13d446 100644
--- a/deployment/Caddyfile
+++ b/deployment/Caddyfile
@@ -26,7 +26,7 @@ Strict-Transport-Security "max-age=63072000; includeSubDomains" Cross-Origin-Opener-Policy "same-origin" Cross-Origin-Resource-Policy "same-site" - Content-Security-Policy "default-src 'self'; connect-src 'self' {$CADDY_SUPABASE_URL} https://hcaptcha.com https://*.hcaptcha.com; font-src 'self' data:; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com; img-src 'self' blob:; media-src 'self' blob:; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com;" + Content-Security-Policy "default-src 'self'; connect-src 'self' {$CADDY_SUPABASE_URL} https://hcaptcha.com https://*.hcaptcha.com; font-src 'self' data:; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com; img-src 'self' blob: https://*.basemaps.cartocdn.com; media-src 'self' blob:; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com;" Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=self, battery=(), bluetooth=(), browsing-topics=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), gamepad=(), geolocation=self, gyroscope=(), hid=(), identity-credentials-get=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-create=self, publickey-credentials-get=self, 
screen-wake-lock=(), serial=(), speaker-selection=(), storage-access=(), usb=(), web-shared=(), window-management=(), xr-spatial-tracking=(), interest-cohort=()" } diff --git a/src/pages/auth/step1.tsx b/src/pages/auth/step1.tsx index 24d14f9..a8bf645 100644 --- a/src/pages/auth/step1.tsx +++ b/src/pages/auth/step1.tsx @@ -66,7 +66,7 @@ export const Step1: FC = () => { email: form.email, options: { captchaToken: form.captchaToken, - emailRedirectTo: new URL("/nearby", window.location.origin).toString(), + emailRedirectTo: new URL("/auth/2", window.location.origin).toString(), data: { acceptedTerms: false, } as UserMetadata, diff --git a/supabase/migrations/20240508051432_functions.sql b/supabase/migrations/20240508051432_functions.sql index ab7113f..103484b 100644 --- a/supabase/migrations/20240508051432_functions.sql +++ b/supabase/migrations/20240508051432_functions.sql @@ -358,7 +358,7 @@ BEGIN -- Add some uncertainty relative to the post's radius (To increase resistance against static trilateration attacks) NEW.private_location = extensions.ST_Project( - _old_location::GEOGRAPHY, + _old_location::extensions.GEOGRAPHY, (-(_uncertainty / 2) * NEW.radius) + (_uncertainty * NEW.radius * utilities.safe_random()), 2 * PI() * utilities.safe_random() ); @@ -366,6 +366,7 @@ BEGIN RETURN NEW; END; $$; + -- Post deleted trigger function CREATE OR REPLACE FUNCTION utilities.post_deleted_trigger() RETURNS TRIGGER diff --git a/supabase/migrations/20240508051700_views.sql b/supabase/migrations/20240508051700_views.sql index fe3dde9..7988187 100644 --- a/supabase/migrations/20240508051700_views.sql +++ b/supabase/migrations/20240508051700_views.sql @@ -8,7 +8,7 @@ CREATE VIEW public.personalized_posts WITH ( security_barrier = TRUE, - security_invoker = TRUE + security_invoker = FALSE ) AS ( WITH personalized_post AS ( 
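Review bot: The new `https://*.basemaps.cartocdn.com` entry in `img-src` means browsers fetch map tiles directly from a third-party CDN, and each tile request carries the zoom level and tile coordinates of the area on screen, so the CDN learns roughly where a visitor is looking. For an app that elsewhere adds noise to post locations, that deserves an explicit decision: either proxy the tiles through this origin and keep `img-src 'self' blob:`, or keep the entry and record it with a comment such as `# img-src: Carto basemap tiles load directly from the CDN; tile URLs reveal the viewed map area`. If the tile layer only ever uses a fixed set of subdomains, listing those hosts instead of the wildcard narrows the allowance. The header block starts before this hunk, so whether a `Referrer-Policy` is already set for these cross-origin requests cannot be seen from here.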
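Review bot: `emailRedirectTo` is built from `window.location.origin`, so the only control over where the confirmation link lands is the redirect allow list on the Supabase side, and `/auth/2` has to be on it; a target that is not allowed falls back to the configured site URL. The auth configuration is not part of this diff, so confirm that the allow list carries this path for each deployed origin and is not a broad wildcard. A short comment at the call, e.g. `// must match an entry in the Supabase redirect allow list`, would keep the two in sync. The enclosing call starts and ends outside the hunk.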
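Review bot: The cast is fixed by editing the existing migration `20240508051432_functions.sql` in place, so a database that has already applied that migration keeps the old function body with the unqualified `::GEOGRAPHY`; the same applies to the `security_invoker` edits in `20240508051700_views.sql`. If any environment is past these migrations, the change should ship as a new migration that re-runs `CREATE OR REPLACE FUNCTION` (and, for the views, `ALTER VIEW ... SET (security_invoker = ...)`). A comment above the cast such as `-- PostGIS types are schema-qualified; do not rely on search_path here` would explain why the qualifier matters, though whether the function pins its `search_path` is outside the hunk. The trigger function starts before this hunk.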
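Review bot: Setting `security_invoker = FALSE` on `public.personalized_posts` makes the view read its base tables with the view owner's privileges, so row-level security on those tables is evaluated for the owner (or skipped entirely if the owner bypasses it) and not for the querying user; `security_barrier = TRUE` does not compensate for that. Every restriction on which rows and columns a caller may see therefore has to be written into the view body itself, for example a predicate on the caller's identity and no projection of `private_location` or of values precise enough to recover it, and grants on the view should be limited to the roles that need it. The same change is made to `public.personalized_comments` in the next hunk. Both view bodies lie outside the hunks, so this cannot be confirmed from here; a comment next to the option, e.g. `-- security_invoker = FALSE: runs as the view owner, all row filtering is done inside this view`, would record the intent.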
@@ -71,7 +71,7 @@ AS ( CREATE VIEW public.personalized_comments WITH ( security_barrier = TRUE, - security_invoker = TRUE + security_invoker = FALSE ) AS ( WITH personalized_comment AS (