You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by ru...@apache.org on 2024/02/27 21:32:21 UTC

(superset) 01/01: more access!

This is an automated email from the ASF dual-hosted git repository.

rusackas pushed a commit to branch more-csp-mess-3
in repository https://gitbox.apache.org/repos/asf/superset.git

commit d8396b3d9974b5fb0b4bc6e9e559824eb90d26bf
Author: Evan Rusackas <ev...@rusackas.com>
AuthorDate: Tue Feb 27 14:32:08 2024 -0700

    more access!
---
 docs/static/.htaccess | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/static/.htaccess b/docs/static/.htaccess
index 0e3d2d8f7e..aa0c75e328 100644
--- a/docs/static/.htaccess
+++ b/docs/static/.htaccess
@@ -28,8 +28,8 @@ Header set Content-Security-Policy "default-src 'self'; \
 script-src 'self'; \
 img-src 'self' https://static.scarf.sh *; \
 style-src 'self' https://fonts.googleapis.com; \
-script-src-elem 'self' https://www.googletagmanager.com https://www.google-analytics.com; \
-style-src-elem 'self' https://fonts.googleapis.com; \
+script-src-elem 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com; \
+style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://analytics.apache.org https://www.bugherd.com; \
 font-src 'self' https://fonts.gstatic.com; \
 frame-src 'self' https://calendar.google.com https://preset.io https://sidebar.bugherd.com https://unpkg.com; \
 "