1
0
Fork 0
vaultwarden-test/src
BlackDex 0f588ced03
Removed unsafe-inline JS from CSP and other fixes
- Removed `unsafe-inline` for javascript from CSP.
  The admin interface now uses files instead of inline javascript.
- Modified javascript to work not being inline.
- Run eslint over javascript and fixed some items.
- Added a `to_json` Handlebars helper.
  Used at the diagnostics page.
- Changed `AdminTemplateData` struct to be smaller.
  The `config` was always added, but only used at one page.
  Same goes for `can_backup` and `version`.
- Also inlined CSS.
  We can't remove the `unsafe-inline` from css, because that seems to
  break the web-vault currently. That might need some further checks.
  But for now the 404 page and all the admin pages are clear of inline scripts and styles.
2023-01-09 18:25:35 +01:00
..
api Removed unsafe-inline JS from CSP and other fixes 2023-01-09 18:25:35 +01:00
db Disable groups by default and Some optimizations 2022-12-18 20:32:06 +01:00
static Removed unsafe-inline JS from CSP and other fixes 2023-01-09 18:25:35 +01:00
auth.rs Fix recover-2fa not working. 2022-12-18 20:32:06 +01:00
config.rs Removed unsafe-inline JS from CSP and other fixes 2023-01-09 18:25:35 +01:00
crypto.rs Remove get_random_64() 2022-11-13 10:03:06 +01:00
error.rs Cleanups and Fixes for Emergency Access 2022-12-04 23:17:48 +01:00
mail.rs Percent-encode org_name in links 2023-01-03 12:51:44 +01:00
main.rs Remove ctrlc crate and some updates 2022-12-12 22:56:10 +01:00
ratelimit.rs Basic ratelimit for user login (including 2FA) and admin login 2021-12-22 21:48:49 +01:00
util.rs Removed unsafe-inline JS from CSP and other fixes 2023-01-09 18:25:35 +01:00