80c26c3df2
- Introduced `CSP_MODE` setting with `strict`, `relaxed`, and `disabled` options for flexible content security policies. - Updated middleware to apply varying CSP rules based on mode and request context (e.g., API docs). - Improved security and frontend compatibility with detailed policy definitions for external resources. - Defaulted `CSP_MODE` to `relaxed`, ensuring balanced security and usability in modern applications.
5.4 KiB
5.4 KiB