feat: Implement Content Security Policy and disable Vite HMR overlay.

2026-02-06 17:29:21 +01:00
parent bf87b9c218
commit 274ea73e05
2 changed files with 7 additions and 0 deletions
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -6,6 +6,8 @@
  <link rel="icon" type="image/svg+xml" href="/public/personnes.png" />
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  <title>xeewy.be</title>
+  <meta http-equiv="Content-Security-Policy"
+    content="default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' ws://localhost:* http://localhost:* https://api.emailjs.com;">
 </head>

 <body>