Dasko/GoNtech
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Lokalizovane frontend biblioteke i popravljen prikaz u Opera/Chromium

Browse Source 
Uklonjena zavisnost od spoljnih CDN-ova koja je u Operi prouzrokovala
  nestanak stilova i elemenata kada blocker/ekstenzija blokira CDN:

  - Tailwind (cdn.tailwindcss.com) potpuno izbačen; 9 korišćenih klasa
    (grid, grid-cols-*, md:grid-cols-*, gap-*, mb-6) prebačeno u main.css
  - HTMX i Chart.js skinuti lokalno u web/static/js/ i serviraju se
    preko go:embed umesto sa jsdelivr CDN-a
  - CSP očišćen u bezbednost.go — uklonjeni svi spoljni izvori, ostaje 'self'

  Popravljen grafikon na stranici Izveštaji: dodato color-scheme:only light
  na canvas i wrapper, jer Operin "tamni režim za web" (force-dark) zatamni
  canvas i učini tekst na osama nevidljivim.
This commit is contained in:
Dalibor Marković
2026-06-09 02:32:24 +02:00
parent cf13d0fe15
commit 4a01bda7d2
6 changed files with 43 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/bezbednost.go
+2 -2
View File
@@ -13,8 +13,8 @@ func BezbednostHeaders() func(http.Handler) http.Handler {
h.Set("Referrer-Policy", "strict-origin-when-cross-origin")
h.Set("Content-Security-Policy",
"default-src 'self'; "+
"style-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com; "+
"script-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com https://cdn.jsdelivr.net; "+
"style-src 'self' 'unsafe-inline'; "+
"script-src 'self' 'unsafe-inline'; "+
"img-src 'self' data: blob:; "+
"font-src 'self'; "+
"connect-src 'self'")