-use constant ACCESSLOG_FORMAT => '%{X-Forwarded-For}i|%h %u "%r" %>s %b "%{Referer}i" "%{User-agent}i"';
-use constant CONTENT_SECURITY_POLICY => q,default-src 'none'; script-src 'self' www.google-analytics.com; style-src 'self'; img-src 'self'; connect-src 'self',;
-
-$Apache2::AuthzCaps::rootdir = $Apache2::Authen::Passphrase::rootdir;
-my $word = qr,(\w+),a;
-
-sub debug {
- local $Log::Log4perl::caller_depth = $Log::Log4perl::caller_depth + 1;
- $_[0]->{'psgix.logger'}->({qw/level debug message/ => $_[1]})
-}
-
-sub some_auth_required {
- my $r = Plack::Request->new($_[0]);
- return 1 if $_[0]->{'gruntmaster.reqadmin'} || $r->path eq '/action/passwd' || $r->path =~ m,/pb/$word/submit$,;
- return 1 if $r->path =~ m,^/ct/$word/pb/$word, && time < contest_end $1;
- 0
+sub CONTENT_SECURITY_POLICY () {
+ my $csp = <<CSP;
+default-src 'none'
+connect-src 'self'
+form-action 'self'
+frame-ancestors 'none'
+img-src 'self' https://static.mindcoding.ro
+referrer origin-when-cross-origin
+script-src 'self'
+style-src 'self'
+CSP
+ chomp $csp;
+ $csp =~ s/\n/; /gr;