Hi,
Is there a way to setup Content Security Policy headers to avoid XSS attacks? AFAIK Nuxt injects inline js globals in production so at the moment this is not possible? Some reference: https://medium.com/square-corner-blog/content-security-policy-for-single-page-web-apps-78f2b2cf1757
P.S. I know I can set headers with ServerMiddleware.
<!--cmty--><!--cmty_prevent_hook--><div align="right"><sub><em>This question is available on <a href="https://nuxtjs.cmty.io">Nuxt.js</a> community (<a href="https://nuxtjs.cmty.io/nuxt/nuxt.js/issues/c2101">#c2101</a>)</em></sub></div>