11 Commits

Author	SHA1	Message	Date
Codex Agent	c4ac38e41a	Relax style-src-elem to allow inline	2026-01-24 23:41:53 +01:00
Codex Agent	84e253b61c	Allow inline style tags and remove Bunny font	2026-01-24 23:34:10 +01:00
Codex Agent	8414305ea3	Fix CSP style-src-elem allowlist	2026-01-24 23:16:23 +01:00
Codex Agent	a21321bb3c	Allow inline style elements for event-admin CSP	2026-01-24 21:16:31 +01:00
Codex Agent	7a91e40bb3	Allow inline style elements for event-admin CSP	2026-01-24 21:02:33 +01:00
Codex Agent	71604c6e41	Fix CSP nonce timing for admin styles	2026-01-24 20:54:23 +01:00
Codex Agent	2e4226a838	Checkout‑Registrierung validiert jetzt die E‑Mail‑Länge, und die Checkout‑Flows sind Paddle‑only: Stripe‑Endpoints/ ... Services/Helpers sind entfernt, API/Frontend angepasst, Tests auf Paddle umgestellt. Außerdem wurde die CSP gestrafft und Stripe‑Texte in den Abandoned‑Checkout‑Mails ersetzt.	2025-12-18 11:14:42 +01:00
Codex Agent	928d28fcaf	implemented a lot of security measures	2025-12-09 20:29:32 +01:00
Codex Agent	d91108c883	weitere verbesserungen der Guest PWA (vor allem TaskPicker)	2025-11-12 13:19:28 +01:00
Codex Agent	5432456ffd	switched to paddle inline checkout, removed paypal and most of stripe. added product sync between app and paddle.	2025-10-27 17:26:39 +01:00
Codex Agent	6290a3a448	Fix tenant event form package selector so it no longer renders empty-value options, handles loading/empty ... states, and pulls data from the authenticated /api/v1/tenant/packages endpoint. (resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts) - Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx, resources/js/admin/router.tsx, routes/web.php)	2025-10-19 23:00:47 +02:00