Security Improvements: CSP Nonces & Configurable Validation

@cubinet-code cubinet-code released this 03 Jul 21:35 (commit 7b3127e)

🔒 Security Improvements

This release addresses security feedback from issue #1 with comprehensive improvements:

✨ New Features

  • Configurable Password Validation: RADIUS_CHAR_PATTERN is now configurable in config.py
  • Enhanced Character Support: the default pattern now accepts ! # $ % & ' ( ) * + , - . / : ; = ? @ _ { } for Cisco compatibility
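As an added illustration (not code from this project), the following shows how a configurable allow-list pattern like RADIUS_CHAR_PATTERN can drive secret validation and report exactly which characters were rejected. The pattern literal, the environment-variable override, the length bound and the function names are all assumptions made for this example; the project's config.py may define them differently.

```python
import os
import re
from dataclasses import dataclass, field

# Constructed default: letters, digits and the Cisco-compatible specials listed
# in the release notes. Operators can override it via the environment, which is
# the kind of "configurable in config.py" knob the notes describe.
DEFAULT_RADIUS_CHAR_PATTERN = r"^[A-Za-z0-9!#$%&'()*+,\-./:;=?@_{}]+$"
RADIUS_CHAR_PATTERN = os.environ.get("RADIUS_CHAR_PATTERN", DEFAULT_RADIUS_CHAR_PATTERN)
MAX_SECRET_LENGTH = 128  # hypothetical upper bound, not from the project


@dataclass
class ValidationResult:
    ok: bool
    reason: str = ""
    bad_chars: list = field(default_factory=list)


def validate_radius_secret(secret: str,
                           pattern: str = RADIUS_CHAR_PATTERN,
                           max_len: int = MAX_SECRET_LENGTH) -> ValidationResult:
    """Check a RADIUS shared secret against the configured character allow-list.

    Rejects empty or over-long input first, then matches the whole string with
    re.fullmatch so a stray newline or trailing character cannot slip past.
    On failure, each character is re-tested on its own against the same
    pattern, which yields a precise list of offending characters for the
    operator without echoing the secret itself.
    """
    if not secret:
        return ValidationResult(False, "secret is empty")
    if len(secret) > max_len:
        return ValidationResult(False, f"secret longer than {max_len} characters")
    if re.fullmatch(pattern, secret):
        return ValidationResult(True)
    bad = sorted({c for c in secret if not re.fullmatch(pattern, c)})
    shown = ", ".join(repr(c) for c in bad)
    return ValidationResult(False, f"disallowed characters: {shown}", bad)


if __name__ == "__main__":
    for candidate in ("Cisco!#$%&'()*+,-./:;=?@_{}", "has a space", 'quote"inside', ""):
        r = validate_radius_secret(candidate)
        print(f"{candidate!r:32} -> ok={r.ok} {r.reason}")
```

Because the allow-list is applied with `fullmatch`, switching patterns is a config change only; the validator itself never needs editing when a vendor requires a different character set.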

🛡️ Security Enhancements

  • CSP Nonces: Replaced unsafe-inline with proper nonce-based Content Security Policy
  • Flask-Talisman Integration: All security headers now managed by Flask-Talisman
  • Removed Deprecated Headers: X-XSS-Protection header removed (CSP provides better protection)
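The nonce-based policy described above, as an added example that is not this project's code: it builds a per-response CSP whose script-src carries a fresh nonce instead of 'unsafe-inline', renders a page that stamps the same nonce on its inline script, and then checks the rendered HTML against the header the way the release's "CSP nonce functionality verification" test would. Function names, the policy directives and the sample HTML are constructed for this example. With Flask-Talisman the equivalent wiring is `Talisman(app, content_security_policy=csp, content_security_policy_nonce_in=['script-src'])` plus `nonce="{{ csp_nonce() }}"` in the Jinja template; the code below avoids the Flask dependency so it runs stand-alone.

```python
import re
import secrets
from html.parser import HTMLParser


def make_nonce() -> str:
    # 128 bits from the OS CSPRNG, base64url-encoded; generate one per response,
    # never reuse across responses, and never derive it from anything the client sent.
    return secrets.token_urlsafe(16)


def build_csp(nonce: str) -> str:
    # Constructed policy. script-src lists the nonce and no 'unsafe-inline':
    # per CSP Level 3, once a nonce is present browsers ignore 'unsafe-inline'
    # in that directive anyway, so leaving it out keeps the policy honest.
    return "; ".join([
        "default-src 'self'",
        f"script-src 'self' 'nonce-{nonce}'",
        "style-src 'self'",
        "object-src 'none'",
        "base-uri 'self'",
    ])


def render_page(nonce: str) -> str:
    # Stand-in for a Jinja template using csp_nonce(); only scripts carrying
    # the header's nonce are allowed to execute inline.
    return (
        "<html><body>"
        f'<script nonce="{nonce}">document.title = "RADIUS";</script>'
        '<script src="/static/app.js"></script>'
        "</body></html>"
    )


def policy_is_nonce_based(csp: str) -> bool:
    """True when script-src carries a nonce and does not fall back to 'unsafe-inline'."""
    m = re.search(r"(?:^|;)\s*script-src([^;]*)", csp)
    if not m:
        return False
    script_src = m.group(1)
    return "'nonce-" in script_src and "'unsafe-inline'" not in script_src


class _ScriptCollector(HTMLParser):
    # Collects (src, nonce) for every <script> tag in a document.
    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            a = dict(attrs)
            self.scripts.append((a.get("src"), a.get("nonce")))


def inline_scripts_allowed(html: str, csp: str) -> bool:
    """Would every inline script in `html` be permitted by `csp`?

    An inline script (no src) runs only if its nonce attribute equals the
    nonce in script-src. External scripts are governed by the host list and
    are not checked here.
    """
    m = re.search(r"script-src[^;]*'nonce-([A-Za-z0-9_=+/-]+)'", csp)
    if not m:
        return False  # no nonce in the policy: inline scripts are blocked
    nonce = m.group(1)
    p = _ScriptCollector()
    p.feed(html)
    inline = [n for src, n in p.scripts if src is None]
    return all(n == nonce for n in inline)


if __name__ == "__main__":
    n = make_nonce()
    csp = build_csp(n)
    print("Content-Security-Policy:", csp)
    print("rendered page passes:", inline_scripts_allowed(render_page(n), csp))
    print("un-nonced script passes:", inline_scripts_allowed("<script>x=1</script>", csp))
```

The check deliberately fails a page whose inline script carries a stale nonce from a previous response; that is the mistake template caching most often introduces when a site moves from 'unsafe-inline' to nonces, and it is what a regression test for this feature should catch.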

🧪 Testing

  • Added 3 comprehensive security tests
  • All 8 tests passing
  • CSP nonce functionality verification
  • Configurable validation pattern testing

📚 Documentation

  • Corrected Gunicorn X-Forwarded-For security documentation
  • Updated security headers documentation
  • Added configuration examples for new features

🔗 Links

  • Fixes: #1
  • Pull Request: #3

Full Changelog: 2025.07...2025.07.1