mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-06-18 15:54:13 +08:00
61dfbf8846
'unsafe-inline' for script-src negates XSS protection from CSP. Removed it from the security headers example in quarkus-security and all locale copies. Kept 'unsafe-inline' for style-src only (commonly needed by CSS frameworks) with a comment recommending nonces where possible.
61dfbf8846
·
2026-04-08 22:28:46 +02:00
History