Security+Perf: CSP nonces, robots.txt cleanup, minify JS

- index.php: replace unsafe-inline CSP with per-request nonces on all 13 inline scripts/styles
- robots.txt: remove sensitive config filenames (db-config, email-config, recaptcha-config)
- main.min.js: actually minified with terser (37KB -> 16KB, -38% gzipped)

This commit is contained in:

Peter Foster

2026-03-22 04:06:53 +00:00

parent 803905c328

commit 14f1e53c07

3 changed files with 16 additions and 1007 deletions

991

assets/js/main.min.js vendored

View File

File diff suppressed because one or more lines are too long

Security+Perf: CSP nonces, robots.txt cleanup, minify JS

991 assets/js/main.min.js vendored View File

991

assets/js/main.min.js vendored

View File