Remove content security policy

2023-10-25 23:44:28 +05:30 · 2023-10-25 23:44:28 +05:30 · f66e1c4b26
commit f66e1c4b26
parent 60f843b6d2
3 changed files with 0 additions and 21 deletions
--- a/frontend/html/dashboard.html
+++ b/frontend/html/dashboard.html
@ -3,13 +3,6 @@
 <head>
    <meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://fonts.googleapis.com; 
-    font-src 'self' https://fonts.gstatic.com; 
-    connect-src 'self' http://127.0.0.1:5000; 
-    style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; 
-    script-src 'self' 'unsafe-inline'; 
-    script-src-elem 'self' 'unsafe-inline';
-    img-src 'self' http://www.google.com/s2/favicons https://t1.gstatic.com https://t0.gstatic.com https://t2.gstatic.com">
    <title>DashBoard</title>
    <link rel="stylesheet" href="../styles/dashboard.css"/>
 </head>
--- a/frontend/html/index.html
+++ b/frontend/html/index.html
@ -3,14 +3,6 @@
 <html>
 <head>
  <meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8">
-  <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://fonts.googleapis.com; 
-  font-src 'self' https://fonts.gstatic.com; 
-  connect-src 'self' http://127.0.0.1:5000; 
-  style-src 'self' https://fonts.googleapis.com 'unsafe-inline';">
-<meta
-  http-equiv="X-Content-Security-Policy"
-  content="default-src 'self'; script-src 'self'"
-/>
  <link rel="stylesheet" href="../styles/index.css"/>
  <title>Login</title>
  <link rel="preconnect" href="https://fonts.googleapis.com">
--- a/frontend/html/register.html
+++ b/frontend/html/register.html
@ -3,12 +3,6 @@
 <html>
 <head>
  <meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8">
-  <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://fonts.googleapis.com; 
-    font-src 'self' https://fonts.gstatic.com; 
-    connect-src 'self' http://127.0.0.1:5000; 
-    style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; 
-    script-src 'self' 'unsafe-inline'; 
-    script-src-elem 'self' 'unsafe-inline'">
  <link rel="stylesheet" href="../styles/register.css"/>
  <link rel="preconnect" href="https://fonts.googleapis.com">
  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>