public/code-crispies
2
1
Fork 0
Code Issues Pull Requests Actions Activity
Files
ad352aa986b440a95ace78a8f38a5895c8103897
code-crispies/src
History
Michael Czechowski b3c51537d5 fix(security): add Content-Security-Policy meta tag 
Restricts script sources to self and known CDNs, connect sources to
self and Supabase, blocks unauthorized resource loading. Allows
unsafe-inline for styles (CodeMirror requirement) and blob: for
sandboxed preview iframes.

Addresses SEC-5 (HIGH) from security audit.
2026-03-28 17:01:32 +01:00
..
config
feat: add Markdown learning module with 8 beginner lessons
2026-01-25 11:27:07 +01:00
helpers
chore: temporarily disable Tailwind CSS section
2026-01-25 15:40:53 +01:00
impl
fix(security): sandbox preview iframes to prevent XSS
2026-03-28 16:38:56 +01:00
app.js
chore: temporarily disable Tailwind CSS section
2026-01-25 15:40:53 +01:00
auth.js
feat: add lesson difficulty indicators and improve mobile sidebar
2026-01-16 21:47:47 +01:00
i18n.js
feat: add Markdown learning module with 8 beginner lessons
2026-01-25 11:27:07 +01:00
index.html
fix(security): add Content-Security-Policy meta tag
2026-03-28 17:01:32 +01:00
main.css
test: add 182 new tests for router, sections, renderer, and validator
2026-03-28 16:14:52 +01:00
supabase.js
fix: use same button position/style for playground back button
2026-01-16 14:58:25 +01:00