hedgedoc/lib
David Mehren 3cd169a650
Remove unsafe-eval from default CSP
As script-loader was removed in the previous commits,
we can finally tighten up security.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-06-07 23:04:45 +02:00
..
config Automatically enable protocolUseSSL when useSSL is set 2021-05-06 21:19:14 +02:00
migrations
models Sanitize username and photo URL 2021-05-09 19:28:44 +02:00
ot
web SAML: Use privateKey option 2021-05-17 18:46:00 +02:00
workers
csp.js Remove unsafe-eval from default CSP 2021-06-07 23:04:45 +02:00
errors.js Check for existing notes on POST and dont override them 2021-03-29 23:00:34 +02:00
history.js
letter-avatars.js
logger.js
prometheus.js Add custom prometheus metrics 2021-04-25 20:06:56 +02:00
realtime.js
response.js Replace request library with node-fetch 2021-03-12 22:27:49 +01:00
utils.js