hedgedoc/lib
David Mehren 3cd169a650
Remove unsafe-eval from default CSP
As script-loader was removed in the previous commits,
we can finally tighten up security.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-06-07 23:04:45 +02:00
..
config Automatically enable protocolUseSSL when useSSL is set 2021-05-06 21:19:14 +02:00
migrations
models Sanitize username and photo URL 2021-05-09 19:28:44 +02:00
ot
web SAML: Use privateKey option 2021-05-17 18:46:00 +02:00
workers
csp.js Remove unsafe-eval from default CSP 2021-06-07 23:04:45 +02:00
errors.js
history.js
letter-avatars.js
logger.js
prometheus.js
realtime.js
response.js
utils.js