826bf55c20
* Add CSP Support and enable it initially for Login page * Update README * Make sure that CSP is not enabled if CSP_POLICY isnt set * Add a new value for x-csp header that tells if instance has opted-in to CSP or not * Add more src to CSP * Fix typo in header name * Remove duplicate headers fn * Add https://eu.ui-avatars.com/api/ * Add CSP_POLICY to env.example
30 KiB
30 KiB