8 commits

Author SHA1 Message Date
98a7e42c15
fix(csp): refine img-src policy to improve security
Switched 'img-src' directive to only allow 'self', and removed the wildcard '*' and 'data:' source settings. This adjustment enhances security by restricting image sources to the same origin, preventing potential exploitation from arbitrary or data URLs.
2024-07-21 11:44:19 +02:00
ac44c0e6cc
feat: embed base64 thumbnails in video objects
Embedded video thumbnails as base64 data URIs to enhance performance and ensure portability. Updated CSP to allow 'data:' sources for images, preventing CSP violations when rendering base64 images.

Addresses issues with missing thumbnails and enhances security settings.
2024-07-21 09:47:21 +02:00
Pierre Rudloff
f475fa2a47 Lint 2023-03-03 00:18:00 +01:00
Pierre Rudloff
5c0ed594f3 Debug bar 2021-02-06 15:35:09 +01:00
Pierre Rudloff
05311ac7b6 Add return types 2020-12-17 22:49:21 +01:00
Pierre Rudloff
c0b2acf33e Don't restrict forms in CSP (#327) 2020-11-04 23:03:39 +01:00
Pierre Rudloff
e9cee39673 Allow manifest in CSP 2020-10-20 23:32:16 +02:00
Pierre Rudloff
123a6c5ad9 Move middleware to a subfolder 2020-10-20 23:17:22 +02:00
Renamed from classes/CspMiddleware.php