From 8bf3cae6ac89de9569a7ec629594954804a2b55a Mon Sep 17 00:00:00 2001 From: Osmium Sorcerer Date: Sat, 6 Jun 2026 02:27:32 +0000 Subject: CSP hardening: remove inline styles Similar to removal of inline scripts, everything was taken out into the CSS files, with the same styles applied there directly. This lets us use `script-src 'self'` in the CSP. Additionally, serve Golden Layout CSS locally to avoid third-party connection.
---
 webAO/styles/client.css | 131 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 128 insertions(+), 3 deletions(-) (limited to 'webAO/styles/client.css')
diff --git a/webAO/styles/client.css b/webAO/styles/client.css
index fa01ddc..8dfd5da 100644
--- a/webAO/styles/client.css
+++ b/webAO/styles/client.css
@@ -65,7 +65,7 @@
 width: 100%;
 height: 100%;
 background: rgba(0, 0, 0, 0.6);
- display: flex;
+ display: none;
 justify-content: center;
 align-items: center;
 z-index: 200;
@@ -95,6 +95,7 @@
 #client_errortext {
 margin: 4px 0 8px;
 text-align: center;
+ white-space: pre-wrap;
 }
 
 #client_error_code {
@@ -594,12 +595,17 @@
 font-size: small;
 overflow-wrap: break-word;
 overflow-y: auto;
+ text-align: left;
 text-rendering: optimizelegibility;
 resize: none;
 flex: 1 1 auto;
 border: none;
 }
 
+#client_ooclog a {
+ color: white;
+}
+
 #client_oocinput {
 display: flex;
 flex-flow: row nowrap;
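Review bot: In the first hunk (`@@ -65,7 +65,7 @@`) the overlay rule now defaults to `display: none`, so whatever reveals it must assign `display: flex` explicitly; a script that shows it by clearing the inline value (`style.display = ""`) would now leave it hidden. The rule's selector and the code that toggles it are outside the hunk, so this needs checking against the caller. The neighbouring `#client_errortext` rule suggests this is the error overlay, where a failure to appear is easy to miss in testing. Since the same commit adds `.nodisplay`, keeping `display: flex` in this rule and toggling that class would keep both states in the stylesheet.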
@@ -814,6 +820,125 @@
 white-space: pre-wrap;
 }
 
-#client_errortext {
- white-space: pre-wrap;
+.error {
+ color: red;
+}
+
+#client_chatcontainer {
+ font-size: 12px;
+ opacity: 0;
+}
+
+.nodisplay {
+ display: none;
+}
+
+#pairing_table {
+ border: none;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+#judge_fieldset {
+ margin: 10px;
+}
+
+#menu_wt {
+ color: blue;
+}
+
+#menu_ce {
+ color: red;
+}
+
+#menu_nguilty {
+ color: white;
+ font-family: serif;
+ text-shadow:
+ -1px 0 #000,
+ 0 1px #000,
+ 1px 0 #000,
+ 0 -1px #000;
+ font-size: 1.5em;
+ line-height: 0.75;
+}
+
+#menu_guilty {
+ color: black;
+ font-family: serif;
+ font-size: 1.5em;
+}
+
+.menu-hp-bar {
+ display: inline-block;
+ vertical-align: middle;
+}
+
+.menu-hp-label {
+ font-size: 1.25em;
+}
+
+#mute_label {
+ float: left;
+}
+
+#callmod_button {
+ color: #ce2727;
+}
+
+.l-fieldset {
+ text-align: left;
+}
+
+#bg_span {
+ display: inline-block;
+}
+
+.bg-selection {
+ margin-top: 10px;
+}
+
+#evi_fieldset {
+ text-align: left;
+ display: flex;
+ flex-direction: column;
+}
+
+#evi_info {
+ display: flex;
+}
+
+#evi_desc_container {
+ display: flex;
+ padding-top: 5px;
+}
+
+#evi_add_container {
+ display: block;
+ text-align: center;
+ padding-top: 20px;
+}
+
+#auth_fieldset {
+ margin: 1rem auto;
+ padding: 1rem;
+ max-width: 200px;
+}
+
+#webao_title {
+ line-height: 0.3em;
+}
+
+#client_ooc {
+ height: 100%;
+ display: flex;
+ flex-direction: column;
+}
+
+#client_replaycontrols {
+ white-space: nowrap;
+}
+
+.replay-control {
+ width: 25%;
 }
-- cgit
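Review bot: `.nodisplay { display: none; }` has single-class specificity, so it loses to every ID rule in this hunk that sets `display` (`#bg_span`, `#evi_fieldset`, `#evi_info`, `#evi_desc_container`, `#evi_add_container`, `#client_ooc`), whereas an inline `style="display: none"` overrode all of them. If the class is applied to any of those elements, which the hunk does not show, the element will stay visible; `.nodisplay { display: none !important; }` restores the old precedence. Separately, inline styles are governed by the `style-src` directive rather than `script-src`, and a policy without `'unsafe-inline'` also drops `style` attributes written through `innerHTML` or `setAttribute`. A `Content-Security-Policy-Report-Only` rollout would show any that remain before the policy is enforced.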