mirror of
https://github.com/overleaf/overleaf.git
synced 2024-12-29 08:52:46 +00:00
224edddad4
* Remove use of CSP_PERCENTAGE * Move header calculation earlier * Set a default policy and add comments * Apply the CSP header to all responses * Enable CSP in dev environment * [web] set a default, strict CSP on ALL endpoints * [misc] enable CSP in dev-env * Only build the default policy once * Update docker-compose.yml * [web] webpack: set default CSP header on webpack assets This aligns the webpack dev-server with production in nocdn=true mode. Co-authored-by: Alf Eaton <alf.eaton@overleaf.com> GitOrigin-RevId: 088a6082ad21c5b3f229887ba0ab3eca8d0528cd |
||
---|---|---|
.. | ||
settings.defaults.js |