This is an automated email from the ASF dual-hosted git repository.

thisisnic pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-site.git


The following commit(s) were added to refs/heads/main by this push:
     new e51e9703618 Update .htaccess file to allow kapa.ai bot to work (#619)
e51e9703618 is described below

commit e51e97036188ee7ee301221f873b2ae939db0641
Author: Nic Crane <[email protected]>
AuthorDate: Wed Mar 19 07:11:20 2025 -0400

    Update .htaccess file to allow kapa.ai bot to work (#619)
    
    This PR updates the .htaccess file to allow the kapa.ai bot to work
    correctly. The [Infra guidance](https://infra.apache.org/csp.html) notes
    that external resources are disallowed for providers we **do not** have
    a DPA with, but kapa.ai **does** [have one with the
    ASF](https://privacy.apache.org/faq/committers.html) so this should be
    all good.
    
    ---------
    
    Co-authored-by: Bryce Mecum <[email protected]>
---
 .htaccess | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.htaccess b/.htaccess
index 327ebb6c3c7..a13d1b8483b 100644
--- a/.htaccess
+++ b/.htaccess
@@ -24,3 +24,11 @@ Redirect permanent /datafusion-python 
https://datafusion.apache.org/python
 
 # redirect all ballista URLs to new website
 Redirect permanent /ballista https://datafusion.apache.org/ballista
+
+# enable kapa.ai bot (GH-45665)
+# See https://docs.kapa.ai/integrations/understanding-csp-cors
+<IfModule mod_headers.c>
+    <Location /docs>
+        Header set Content-Security-Policy-Report-Only "script-src 'self' 
widget.kapa.ai www.google.com; connect-src 'self' proxy.kapa.ai 
kapa-widget-proxy-la7dkmplpq-uc.a.run.app metrics.kapa.ai; frame-src 'self' 
www.google.com;"
+    </Location>
+</IfModule>

Reply via email to