This is an automated email from the ASF dual-hosted git repository. jin pushed a commit to branch fix-csp in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph-doc.git
commit 0b1f341438e7447225e380bb54c54a33b6f6fe37 Author: imbajin <[email protected]> AuthorDate: Fri Feb 14 15:44:11 2025 +0800 fix: critical CSP problem --- themes/docsy/layouts/_default/baseof.html | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/themes/docsy/layouts/_default/baseof.html b/themes/docsy/layouts/_default/baseof.html index d0d87c9a..c7771b0f 100644 --- a/themes/docsy/layouts/_default/baseof.html +++ b/themes/docsy/layouts/_default/baseof.html @@ -1,6 +1,13 @@ <!doctype html> <html lang="{{ .Site.Language.Lang }}" class="no-js"> <head> + <!-- To handle CSP policy --> + <meta http-equiv="Content-Security-Policy" + content="default-src 'self'; + style-src 'self' 'unsafe-inline' https://code.jquery.com https://cdn.jsdelivr.net; + script-src 'self' https://code.jquery.com https://cdn.jsdelivr.net; + font-src 'self' https://cdn.jsdelivr.net; + img-src 'self' data:"> {{ partial "head.html" . }} </head> <body class="td-{{ .Kind }}{{ with .Page.Params.body_class }} {{ . }}{{ end }}"> @@ -15,4 +22,4 @@ </div> {{ partialCached "scripts.html" . }} </body> -</html> \ No newline at end of file +</html>
