geforkt von mirrored/vaultwarden
0f588ced03
- Removed `unsafe-inline` for javascript from CSP. The admin interface now uses files instead of inline javascript. - Modified javascript to work not being inline. - Run eslint over javascript and fixed some items. - Added a `to_json` Handlebars helper. Used at the diagnostics page. - Changed `AdminTemplateData` struct to be smaller. The `config` was always added, but only used at one page. Same goes for `can_backup` and `version`. - Also inlined CSS. We can't remove the `unsafe-inline` from css, because that seems to break the web-vault currently. That might need some further checks. But for now the 404 page and all the admin pages are clear of inline scripts and styles. |
||
---|---|---|
.. | ||
api | ||
db | ||
static | ||
auth.rs | ||
config.rs | ||
crypto.rs | ||
error.rs | ||
mail.rs | ||
main.rs | ||
ratelimit.rs | ||
util.rs |