Add CSP, SRI, and auto-hash deploy pipeline

Browse Source

- Content Security Policy via <meta> tag (blocks exfiltration to foreign domains)
- Subresource Integrity on all static and dynamically loaded scripts
- Nginx security headers snippet (HSTS, CSP, frame-ancestors on all responses)
- Auto-minify and SRI hash update in deploy.sh (prevents stale hashes)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

...

This commit is contained in:

Alexander Schmidt

2026-03-27 07:51:01 +01:00

parent fcfabb7e58

commit 2a609e6315

6 changed files with 71 additions and 7 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

2

app.min.js vendored

File diff suppressed because one or more lines are too long