http security: remove form-action from CSP definitions
Fixes OAuth login with iOS devices, the form-action *
value seems entirely useless anyway. Closes #379 (closed).
Fixes OAuth login with iOS devices, the form-action *
value seems entirely useless anyway. Closes #379 (closed).