feat: Implement Content Security Policy and disable Vite HMR overlay.

frontend/index.html

@@ -6,6 +6,8 @@
   <link rel="icon" type="image/svg+xml" href="/public/personnes.png" />
   <meta name="viewport" content="width=device-width, initial-scale=1.0" />
   <title>xeewy.be</title>
+  <meta http-equiv="Content-Security-Policy"
+    content="default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' ws://localhost:* http://localhost:* https://api.emailjs.com;">
 </head>
 
 <body>

frontend/vite.config.ts

@@ -4,4 +4,9 @@ import react from '@vitejs/plugin-react'
 // https://vite.dev/config/
 export default defineConfig({
   plugins: [react()],
+  server: {
+    hmr: {
+      overlay: false
+    }
+  }
 })