This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/causeway-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 597db0ed3d reinstates own .htaccess headers
597db0ed3d is described below
commit 597db0ed3d004206ae3e2c545b16e0c8221de97f
Author: Dan Haywood <[email protected]>
AuthorDate: Tue Apr 15 22:14:43 2025 +0100
reinstates own .htaccess headers
as the camel ones didn't work exactly
---
content/.htaccess | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/content/.htaccess b/content/.htaccess
index 73a60c5977..5a0d180f78 100644
--- a/content/.htaccess
+++ b/content/.htaccess
@@ -1,4 +1,3 @@
<IfModule mod_headers.c>
- # (1) (2)
(3) (4) (5)
- Header set Content-Security-Policy "default-src 'self'; base-uri 'none';
form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests;
connect-src https://*.algolia.net https://*.algolianet.com; img-src 'self'
https://*.githubusercontent.com; child-src https://www.youtube-nocookie.com";
"expr=%{CONTENT_TYPE} =~ m#text/html#i"
+ Header set Content-Security-Policy "Header Set Content-Security-Policy:
default-src 'self' data: blob: 'unsafe-inline' https://www.apachecon.com/
https://www.communityovercode.org/ https://analytics.apache.org/; script-src
'self' 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/
https://*.apache.org/ https://apache.org/; style-src 'self' 'unsafe-inline'
data: https://*.apache.org/ https://apache.org/; frame-ancestors 'self';
frame-src 'self' data: blob: https://www.youtube.com [...]
</IfModule>
