You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by as...@apache.org on 2024/02/28 00:09:47 UTC

(superset-site) branch asf-site updated: deploying docs: fix(docs): more CSP tweaks (#27280) (apache/superset@0468c57629044a8f8fc33dcfeffb457b3a79b0d9)

This is an automated email from the ASF dual-hosted git repository.

asf-ci-deploy pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/superset-site.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new d87013026 deploying docs: fix(docs): more CSP tweaks (#27280) (apache/superset@0468c57629044a8f8fc33dcfeffb457b3a79b0d9)
d87013026 is described below

commit d87013026d26e4f6b59527177c5d37c6c7de3e8e
Author: apache <de...@superset.apache.org>
AuthorDate: Wed Feb 28 00:09:42 2024 +0000

    deploying docs: fix(docs): more CSP tweaks (#27280) (apache/superset@0468c57629044a8f8fc33dcfeffb457b3a79b0d9)
---
 .htaccess | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/.htaccess b/.htaccess
index 3e8582dee..bc88d42ee 100644
--- a/.htaccess
+++ b/.htaccess
@@ -22,10 +22,4 @@ RewriteRule ^(.*)$ https://superset.apache.org/$1 [R,L]
 RewriteCond %{HTTP_HOST} ^superset.incubator.apache.org$ [NC]
 RewriteRule ^(.*)$ https://superset.apache.org/$1 [R=301,L]
 
-Header set Content-Security-Policy "default-src data: blob: 'self' *.apache.org *.bugherd.com *.scarf.sh *.googleapis.com *.googletagmanager.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval'; \
-frame-src *; \
-frame-ancestors 'self' *.preset.io *.google.com https://sidebar.bugherd.com https://unpkg.com; \
-form-action 'self'; \
-worker-src blob:; img-src 'self' blob: data: https:; \
-font-src 'self' https://fonts.gstatic.com; \
-object-src 'none'
+Header set Content-Security-Policy "default-src data: blob: 'self' *.apache.org *.bugherd.com *.scarf.sh *.googleapis.com *.googletagmanager.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval'; frame-src *; frame-ancestors 'self' *.preset.io *.google.com https://sidebar.bugherd.com https://unpkg.com; form-action 'self'; worker-src blob:; img-src 'self' blob: data: https:; font-src 'self' https://fonts.gstatic.com; object-src 'none'"