Stricter CSP for login page

Mirobit · Mirobit · commit d26678675709 · 2023-08-14T18:18:24.000+02:00
diff --git a/assets/css/custom.css b/assets/css/custom.css
@@ -4112,4 +4112,7 @@ ul.notifications {
   text-decoration:underline;
   text-decoration-style: dotted;
  }
+ .white-text {
+  color:white;
+ }
 
diff --git a/login.html b/login.html
@@ -1,17 +1,15 @@
 <!DOCTYPE html>
   <head>
     <meta charset="utf-8">
-    <meta
-    http-equiv="Content-Security-Policy"
-    content="default-src 'self'; script-src 'none'; style-src 'self' 'unsafe-inline'; img-src data: 'self'" />
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'none'; style-src 'self'; img-src data: 'self'; object-src 'none'">
     <title>Login</title>
     <link rel="stylesheet" type="text/css" href="assets/css/style.login.css" />
     <link href="assets/images/favicon.png" rel="shortcut icon" type="image/png">
   </head>
   <body>
     <form id="slick-login" action="index.php" method="POST">
       <input type="password" name="password" class="placeholder" placeholder="Password" autofocus>
-      <input type="checkbox" name="stayloggedin" id="stayloggedin" checked> <span style="color:white;">Stay logged in</span>
+      <input type="checkbox" name="stayloggedin" id="stayloggedin" checked> <span name="white-text">Stay logged in</span>
       <input type="submit" value="Log In">
     </form>
   </body>

Original file line number	Diff line number	Diff line change
`@@ -4112,4 +4112,7 @@ ul.notifications {`
`4112`	`4112`	`text-decoration:underline;`
`4113`	`4113`	`text-decoration-style: dotted;`
`4114`	`4114`	`}`
	`4115`	`+ .white-text {`
	`4116`	`+ color:white;`
	`4117`	`+ }`
`4115`	`4118`