dunkirk.sh / thistle
๐Ÿชป distributed transcription service thistle.dunkirk.sh
fork atom

feat: add Content Security Policy headers #4

closed
opened by dunkirk.sh edited

Medium Priority#

Location: HTML pages in src/pages/

Issue#

Missing CSP headers

Impact#

Reduced XSS protection

Fix Time#

~1 hour

Recommendation#

Add CSP headers to all HTML responses, start with restrictive policy

From LAUNCH_REVIEW.md Issue #13

sign up or login to add to the discussion
Labels

None yet.

priority
medium
assignee
dunkirk.sh
Participants 1
AT URI
at://did:plc:krxbvxvis5skq7jj6eot23ul/sh.tangled.repo.issue/3m6d4djlfoj2o