#1188 mod_http_muc_log: Split inline JS and CSS into extra files
Description of feature:
Make log files load an external style and script files, rather than embedding them in the HTML.
With Content-Security-Policy, it’s common nowadays to forbid any unsafe internal scripts and style sheets from executing, reducing the attack vectors by a wide margin.
I recommend you make your own theme for this.
One of my goals here is to eventually make Prosody modules default to useful CSP rules for their usage.