geforkt von mirrored/vaultwarden
613b2519ed
- Removed `unsafe-inline` for javascript from CSP. The admin interface now uses files instead of inline javascript. - Modified javascript to work not being inline. - Run eslint over javascript and fixed some items. - Added a `to_json` Handlebars helper. Used at the diagnostics page. - Changed `AdminTemplateData` struct to be smaller. The `config` was always added, but only used at one page. Same goes for `can_backup` and `version`. - Also inlined CSS. We can't remove the `unsafe-inline` from css, because that seems to break the web-vault currently. That might need some further checks. But for now the 404 page and all the admin pages are clear of inline scripts and styles. |
||
|---|---|---|
| .. | ||
| 404.css | ||
| admin.css | ||
| admin.js | ||
| admin_diagnostics.js | ||
| admin_organizations.js | ||
| admin_settings.js | ||
| admin_users.js | ||
| bootstrap-native.js | ||
| bootstrap.css | ||
| datatables.css | ||
| datatables.js | ||
| jdenticon.js | ||
| jquery-3.6.2.slim.js | ||