next.js

3ba3eeb2 - Remove obsolete `block-all-mixed-content` CSP directive (#63595)

Remove obsolete `block-all-mixed-content` CSP directive (#63595) The `block-all-mixed-content` CSP directive has been deprecated and it is not recommended to use it anymore. Furthermore, the `upgrade-insecure-requests` directive is evaluated before `block-all-mixed-content`, if the former is set, the latter does nothing. Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/block-all-mixed-content Reference: https://www.w3.org/TR/mixed-content/#strict-checking Co-authored-by: JJ Kasper <jj@jjsweb.site>