5 Commits

Author	SHA1	Message	Date
Torsten Schulz (local)	12ae192b37	Update security headers in Apache configuration to enhance protection ... This commit removes the X-Frame-Options header in favor of using Content Security Policy (CSP) with frame-ancestors for better flexibility and modern security practices. It also adds a fallback for frame-ancestors in case CSP is not enabled. Additionally, the JavaScript middleware is updated to reflect these changes, ensuring consistent security header management across the application.	2026-01-11 20:59:42 +01:00
Torsten Schulz (local)	673c34ac9d	Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.	2026-01-05 11:50:57 +01:00
Torsten Schulz (local)	f6486fc27b	Remove X-Content-Type-Options header from Apache config to fix MIME type issues	2025-10-21 09:18:26 +02:00
Torsten Schulz (local)	e5fa1232ba	Simplify Apache config to proxy all requests to Nuxt server	2025-10-21 09:06:07 +02:00
Torsten Schulz (local)	94b5dc60fc	Refactor event management code to streamline CSV processing and enhance error reporting. Improve team overview page layout for increased usability and performance.	2025-10-21 00:52:04 +02:00