What's Changed
- fix(csp): disable upgrade-insecure-requests for plain HTTP deployments by @chrisvel in #1175
- fix(csp): use dedicated UPGRADE_INSECURE_REQUESTS env var instead of COOKIE_SECURE by @chrisvel in #1176
- fix(oidc): resolve user from session in link callback by @chrisvel in #1177
- fix(tasks): allow defer until any time on the same day as due date by @chrisvel in #1178
- fix(inbox): stay on inbox page after converting item to task by @chrisvel in #1182
- fix(caldav): cannot delete CalDAV calendars by @chrisvel in #1183
- fix(inbox): stay on inbox page after converting item to task by @chrisvel in #1171
- fix(cors): add x-csrf-token to CORS allowedHeaders by @chrisvel in #1186
- fix(static): serve from dist when index.html exists, regardless of NODE_ENV by @chrisvel in #1187
Full Changelog: v1.1.0...v1.1.1