[FIX] Fix some securiry issues

2026-02-18 15:27:55 +01:00
parent 3abc6f6371
commit 039cecc4a6
15 changed files with 2179 additions and 200 deletions
--- a/partitions/svelte.config.js
+++ b/partitions/svelte.config.js
@@ -14,6 +14,21 @@ const config = {
 		}),
 		alias: {
 			$lib: './src/lib'
+		},
+		// Security: Content Security Policy
+		csp: {
+			directives: {
+				'default-src': ['self'],
+				'script-src': ['self', 'unsafe-inline'],
+				'style-src': ['self', 'unsafe-inline'],
+				'img-src': ['self', 'data:', 'blob:'],
+				'connect-src': ['self', 'http://localhost:8000', 'https://*.ohmj.fr'],
+				'font-src': ['self'],
+				'object-src': ['none'],
+				'frame-ancestors': ['none'],
+				'base-uri': ['self'],
+				'form-action': ['self']
+			}
 		}
 	}
 };