Resolve Frontend Bootstrap Failure Related to Content Security Policy

[Nencypatel21]

Summary

Resolve Content Security Policy (CSP) configuration issues causing the web application to fail client-side initialization in production deployments.

Contexts

The SvelteKit web application uses a CSP configuration in apps/web/svelte.config.js. Production deployments may experience frontend initialization or hydration failures when scripts injected during build/runtime are restricted by the current CSP directives. The CSP configuration should be reviewed and updated to ensure compatibility with production environments while maintaining security best practices.

Tasks

• Investigate current CSP configuration in apps/web/svelte.config.js
• Reproduce and identify the frontend initialization/hydration failure
• Update CSP directives to support required SvelteKit runtime scripts
• Verify the application renders correctly in production builds
• Ensure security restrictions remain appropriately enforced

Acceptance Criteria

• Web application loads successfully without hydration/initialization failures
• No CSP-related script blocking occurs in production deployment
• Production build completes and runs successfully
• Tests added or updated where applicable
• Documentation updated if configuration changes require explanation

Area

web

Difficulty

Medium

[Nencypatel21]

hello @Harxhit , i want to work on this issue under GSSoC '26

[Harxhit]

@Nencypatel21 I have assigned this issue to you also please join our discord channel from readme.

[github-actions]

Hey @ShantKhatri (Project Admin) and @Harxhit (Maintainer),

This issue (previously assigned to @Nencypatel21) has been automatically unassigned because no linked pull request was found within 5 days of assignment.

If work is in progress, please open and link a PR to keep the assignment active.