From b42eb0706dba419b0eaf4c545eccbcc31983190a Mon Sep 17 00:00:00 2001
From: Jens Langhammer
Date: Thu, 21 Mar 2024 22:51:55 +0100
Subject: [PATCH] set schema
Signed-off-by: Jens Langhammer
---
 authentik/brands/middleware.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/authentik/brands/middleware.py b/authentik/brands/middleware.py
index 36b19c66ec..c4ea856657 100644
--- a/authentik/brands/middleware.py
+++ b/authentik/brands/middleware.py
@@ -60,7 +60,9 @@ class BrandCSPHeaderMiddleware:
 def get_csp(self, request: HttpRequest) -> str:
 brand: "Brand" = request.brand
 elements = self.default_csp_elements.copy()
- elements["frame-ancestors"] = [f"https://{brand.domain}"]
+ elements["frame-ancestors"] = [
+ f"{'https' if request.is_secure() else 'http'}://{brand.domain}"
+ ]
 return ";".join(f"{attr} {" ".join(value)}" for attr, value in elements.items())
 def __call__(self, request: HttpRequest) -> HttpResponse:
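Review bot: The `frame-ancestors` scheme in `get_csp` now depends on `request.is_secure()`, which reflects the connection Django itself sees, so behind a TLS-terminating proxy it returns False unless `SECURE_PROXY_SSL_HEADER` is configured, and the header then carries `http://{brand.domain}` for a site users reach over HTTPS. Under CSP Level 3 source matching an `http://` host source also matches the `https://` origin, so framing should keep working, but the policy is silently widened to accept a plaintext ancestor, and that is the case the directive exists to rule out. The new lines should carry a comment stating this dependency, for example `# scheme follows request.is_secure(); behind a proxy this needs SECURE_PROXY_SSL_HEADER, else http:// is emitted`. Separately, and already true before this change, `brand.domain` is interpolated into the header value without any visible validation, so it is worth confirming elsewhere that a domain containing `;` or whitespace cannot be stored, since it would add extra sources or directives to the policy.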