#1188 mod_http_muc_log: Split inline JS and CSS into extra files

Reporter Link Mauve
Owner Nobody
Created
Updated
Stars ★ (1)
Tags
  • Type-Enhancement
  • Component-Community
  • Priority-Medium
  • Status-New
  1. Link Mauve on

    Description of feature: Make log files load an external style and script files, rather than embedding them in the HTML. Motivation: (Why?) With Content-Security-Policy, it’s common nowadays to forbid any unsafe internal scripts and style sheets from executing, reducing the attack vectors by a wide margin.

  2. Zash on

    I recommend you make your own theme for this.

  3. Link Mauve on

    One of my goals here is to eventually make Prosody modules default to useful CSP rules for their usage.

  4. Zash on

    Changes
    • tags Component-Community

New comment

Not published. Used for spam prevention and optional update notifications.