mhils / HoneyProxy

This project is now part of @mitmproxy.
https://github.com/mitmproxy/mitmproxy/
MIT License

Add Content-Security-Policy #72

Closed mhils closed 10 years ago

mhils commented 11 years ago

As a second barrier against XSS, we should add a CSP directive (self, unsafe-eval) when moving to Flask. We need to consider that you can fetch request content from the same URL, so we must either separate that (other port) or add another form of authentication (might ref #42).
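
The "other port" option from the comment above, as an added example that is not part of the thread and not HoneyProxy's or mitmproxy's code: a standard-library WSGI middleware (a Flask app is a WSGI app, so it can be wrapped the same way) that sets the CSP on UI responses and refuses to serve captured content from the UI origin. The port numbers, the `/content/` prefix, the exact policy string and the `sandbox`/`nosniff` headers on the content port are assumptions.

```python
from wsgiref.util import setup_testing_defaults

# Assumed values; none of them come from the issue or from HoneyProxy.
UI_PORT, CONTENT_PORT = "8081", "8082"   # two ports = two browser origins
CONTENT_PREFIX = "/content/"             # hypothetical path for captured bodies
CSP = "default-src 'self'; script-src 'self' 'unsafe-eval'"


def csp_middleware(app):
    """Wrap a WSGI app: CSP on UI responses, captured bodies only on their own port."""
    def wrapped(environ, start_response):
        on_content_port = environ.get("SERVER_PORT") == CONTENT_PORT
        is_content = environ.get("PATH_INFO", "").startswith(CONTENT_PREFIX)
        # Captured bodies are attacker-influenced. Served from the UI origin they
        # would count as 'self', so each port answers only for its own paths.
        if is_content != on_content_port:
            start_response("404 Not Found", [("Content-Type", "text/plain")])
            return [b"not served on this port\n"]

        def patched(status, headers, exc_info=None):
            if is_content:
                # Extra hardening (assumption): never treat a captured body as active content.
                policy = "sandbox"
                headers = headers + [("X-Content-Type-Options", "nosniff")]
            else:
                policy = CSP
            headers = headers + [("Content-Security-Policy", policy)]
            return start_response(status, headers, exc_info)

        return app(environ, patched)
    return wrapped


def demo_app(environ, start_response):
    """Constructed stand-in for the real application."""
    start_response("200 OK", [("Content-Type", "text/html")])
    return [b"<p>demo</p>"]


def fetch(path, port):
    """Send one constructed request through the middleware; return (status, headers)."""
    environ = {"PATH_INFO": path, "SERVER_PORT": port}
    setup_testing_defaults(environ)
    seen = {}
    def start_response(status, headers, exc_info=None):
        seen["status"], seen["headers"] = status, dict(headers)
    b"".join(csp_middleware(demo_app)(environ, start_response))
    return seen["status"], seen["headers"]
```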

mhils commented 11 years ago

blocked by #71

mhils commented 10 years ago

implemented.