Alexander Schmidt 2a609e6315 Add CSP, SRI, and auto-hash deploy pipeline ...

- Content Security Policy via <meta> tag (blocks exfiltration to foreign domains)
- Subresource Integrity on all static and dynamically loaded scripts
- Nginx security headers snippet (HSTS, CSP, frame-ancestors on all responses)
- Auto-minify and SRI hash update in deploy.sh (prevents stale hashes)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-27 07:51:01 +01:00

18 KiB

Raw Blame History

View Raw