Frédéric Guillot
|
2935aaef45
|
Add Content-Security-Policy header to feed icon url
- SVG images could contains Javascript. This CSP blocks inline script.
- Feed icons are served using <img> tag and Javascript is not interpreted.
See https://developer.mozilla.org/en-US/docs/Web/SVG/SVG_as_an_Image#restrictions
|
2022-01-02 17:38:53 -08:00 |
|
Frédéric Guillot
|
5a69a61d48
|
Move UI middlewares and routes to ui package
|
2018-11-11 11:29:12 -08:00 |
|
Frédéric Guillot
|
1f58b37a5e
|
Refactor HTTP response builder
|
2018-10-08 15:31:58 -07:00 |
|
Frédéric Guillot
|
9d08139f43
|
Improve request package and add more unit tests
|
2018-09-23 21:02:26 -07:00 |
|
Frédéric Guillot
|
dbcc5d8a97
|
Use canonical imports
|
2018-08-24 21:56:39 -07:00 |
|
Frédéric Guillot
|
f49b42f70f
|
Use vanilla HTTP handlers (refactoring)
|
2018-04-29 16:35:04 -07:00 |
|