Content Security Policy

[RUKAYAT-CODER]

Description

Overview
Missing CSP directives allowing potential XSS attacks.

Background
Missing X-Frame-Options, X-Content-Type-Options headers.

Specifications

• Configure strict CSP policy with nonce/hash support
• Add reporting endpoints
• Set up CSP violation monitoring

Tasks:

• Define CSP for app and admin
• Implement nonce generation
• Add CSP reporting

Impacted Files:

• src/middleware/csp.ts
• next.config.js (or equivalent)

Labels: priority-high, security, frontend

Acceptance Criteria
CSP headers prevent inline scripts and external resources

🙆Contribution Guidelines:
Assignment required before PR submission
Timeframe: 48-72 hours
PR description must include: Close #issue no
Star the repo⭐

[Turawa2]

@Turawa2 has applied to work on this issue as part of the Stellar Wave Program's 4th wave.

I can handle this task with precision and deliver exactly what’s required. I have the skills, focus, and attention to detail needed to complete it efficiently and to a high standard. You can rely on me to get it done right.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Turawa2 to this issue.

[Emeka-12]

@Emeka-12 has applied to work on this issue as part of the Stellar Wave Program's 4th wave.

Hello, I’m a detailed developer with hands-on experience building withNextJS, React, Rust and Soroban for smart contract development.

I focus on writing clear, maintainable code and making sure features work as expected end to end, not just in isolation. I communicate progress regularly and keep things transparent as I work. I’m confident I can complete this task within an ETA of 6 hours

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Emeka-12 to this issue.

[drips-wave]

Congratulations, @Emeka-12! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on April 29, 2026.

🧑‍💻 @Emeka-12: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊