RAGStack-Lambda

<!doctype html> <html lang="en"> <head> <meta charset="UTF-8" /> <!-- Content Security Policy (CSP) - Security Justification: - 'unsafe-inline' (script/style): Required by Vite dev server HMR and Cloudscape Design System which injects dynamic styles. In production, Vite bundles eliminate most inline scripts. - 'unsafe-eval': Required by Vite dev server for HMR. Could be removed in production-only builds but kept for consistency. AWS Amplify libraries may also use eval for dynamic config. - connect-src wildcards: Required for AWS SDK calls to dynamic regional endpoints. Cognito, AppSync (HTTP and WebSocket), and S3 endpoints vary by region. CSP wildcards only work at leftmost label, so we use *.amazonaws.com for all AWS services. - data: URIs: Required for inline SVG icons and base64-encoded images from Cloudscape. --> <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cloudfront.net; style-src 'self' 'unsafe-inline'; connect-src 'self' https://*.amazonaws.com https://*.amazoncognito.com wss://*.amazonaws.com https://*.cloudfront.net; img-src 'self' data: blob: https://*.amazonaws.com; font-src 'self' data:;"> <link rel="icon" type="image/svg+xml" href="/vite.svg" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="description" content="Serverless document processing and knowledge base search" /> <title>Document Pipeline</title> </head> <body> <div id="root"></div> <script type="module" src="/src/main.jsx"></script> </body> </html>