Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The Flutter docs site scores a [C for security](https://securityheaders.com/?q=https%3A%2F%2Fdocs.flutter.dev). One factor is the Content Security Policy, an HTTP header that can prevent [Cross Site Scripting (XSS)](https://securityheaders.com/?q=https%3A%2F%2Fdocs.flutter.dev) attacks. This PR adds the CSP to the Flutter docs site HTTP headers. It would resemble the fix applied to the Dart homepage in [Dart PR #3540](dart-lang/site-www#3540) based on [Dart issue #1521](dart-lang/site-www#1521) This change is based on the pub.dev site. Fixes #6381 Co-authored-by: Brett Morgan <brettmorgan@google.com>
- Loading branch information