Added Content-Security-Policy to ensure that external scripts cannot be loaded.

Moved inline scripts to their own files. Moved all front-end scripts to /assets/js/scripts.
2018-04-25 17:06:10 -04:00
parent 8d5cd2b00b
commit 4d26298b98
7 changed files with 246 additions and 234 deletions
--- a/app/welcome.ejs
+++ b/app/welcome.ejs
@@ -21,16 +21,5 @@
            </div>
        </button>
    </div>
-    <script type="application/javascript">
-
-        // DOM cache.
-        const welcomeButton = document.getElementById('welcomeButton')
-
-        welcomeButton.addEventListener('click', e => {
-            $('#welcomeContainer').fadeOut(500, () => {
-                $('#loginContainer').fadeIn(500)
-            })
-        })
-
-    </script>
+    <script src="./assets/js/scripts/welcome.js"></script>
 </div>