This is an automated email from the ASF dual-hosted git repository.
thisisnic pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-site.git
The following commit(s) were added to refs/heads/main by this push:
new e51e9703618 Update .htaccess file to allow kapa.ai bot to work (#619)
e51e9703618 is described below
commit e51e97036188ee7ee301221f873b2ae939db0641
Author: Nic Crane <[email protected]>
AuthorDate: Wed Mar 19 07:11:20 2025 -0400
Update .htaccess file to allow kapa.ai bot to work (#619)
This PR updates the .htaccess file to allow the kapa.ai bot to work
correctly. The [Infra guidance](https://infra.apache.org/csp.html) notes
that external resources are disallowed for providers we **do not** have
a DPA with, but kapa.ai **does** [have one with the
ASF](https://privacy.apache.org/faq/committers.html) so this should be
all good.
---------
Co-authored-by: Bryce Mecum <[email protected]>
---
.htaccess | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/.htaccess b/.htaccess
index 327ebb6c3c7..a13d1b8483b 100644
--- a/.htaccess
+++ b/.htaccess
@@ -24,3 +24,11 @@ Redirect permanent /datafusion-python
https://datafusion.apache.org/python
# redirect all ballista URLs to new website
Redirect permanent /ballista https://datafusion.apache.org/ballista
+
+# enable kapa.ai bot (GH-45665)
+# See https://docs.kapa.ai/integrations/understanding-csp-cors
+<IfModule mod_headers.c>
+ <Location /docs>
+ Header set Content-Security-Policy-Report-Only "script-src 'self'
widget.kapa.ai www.google.com; connect-src 'self' proxy.kapa.ai
kapa-widget-proxy-la7dkmplpq-uc.a.run.app metrics.kapa.ai; frame-src 'self'
www.google.com;"
+ </Location>
+</IfModule>
