This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/causeway-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 20d325ec65 updates .htaccess, borrow a snippet from camel
20d325ec65 is described below
commit 20d325ec656f6ec9cdc4c453c8dab8c1e2cc8454
Author: Dan Haywood <[email protected]>
AuthorDate: Tue Apr 15 18:56:06 2025 +0100
updates .htaccess, borrow a snippet from camel
---
content/.htaccess | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/content/.htaccess b/content/.htaccess
index 1360834f36..73a60c5977 100644
--- a/content/.htaccess
+++ b/content/.htaccess
@@ -1 +1,4 @@
-Header set Content-Security-Policy "default-src 'self' data: blob:
'unsafe-inline' https://www.apachecon.com/ https://www.communityovercode.org/
https://analytics.apache.org/; script-src 'self' 'unsafe-inline' 'unsafe-eval'
https://www.apachecon.com/ https://*.apache.org/ https://apache.org/; style-src
'self' 'unsafe-inline' data: https://*.apache.org/ https://apache.org/;
frame-ancestors 'self'; frame-src 'self' data: blob:; img-src 'self' data:
https://*.apache.org/ https://apache.org/ [...]
+<IfModule mod_headers.c>
+ # (1) (2)
(3) (4) (5)
+ Header set Content-Security-Policy "default-src 'self'; base-uri 'none';
form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests;
connect-src https://*.algolia.net https://*.algolianet.com; img-src 'self'
https://*.githubusercontent.com; child-src https://www.youtube-nocookie.com";
"expr=%{CONTENT_TYPE} =~ m#text/html#i"
+</IfModule>
