This is an automated email from the ASF dual-hosted git repository.
zhaocong pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph-doc.git
The following commit(s) were added to refs/heads/master by this push:
new e4b928f1 fix: enhance CSP rule (#392)
e4b928f1 is described below
commit e4b928f13f6834be3e8040958e502d283ce631cf
Author: imbajin <[email protected]>
AuthorDate: Fri Feb 14 15:58:29 2025 +0800
fix: enhance CSP rule (#392)
---
themes/docsy/layouts/_default/baseof.html | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/themes/docsy/layouts/_default/baseof.html
b/themes/docsy/layouts/_default/baseof.html
index c7771b0f..44902029 100644
--- a/themes/docsy/layouts/_default/baseof.html
+++ b/themes/docsy/layouts/_default/baseof.html
@@ -3,9 +3,8 @@
<head>
<!-- To handle CSP policy -->
<meta http-equiv="Content-Security-Policy"
- content="default-src 'self';
- style-src 'self' 'unsafe-inline' https://code.jquery.com
https://cdn.jsdelivr.net;
- script-src 'self' https://code.jquery.com
https://cdn.jsdelivr.net;
+ content="script-src 'self' 'unsafe-inline' 'unsafe-eval'
https://code.jquery.com https://cdn.jsdelivr.net https://fonts.googleapis.com/;
+ style-src 'self' 'unsafe-inline' https://code.jquery.com
https://cdn.jsdelivr.net https://fonts.googleapis.com/;
font-src 'self' https://cdn.jsdelivr.net;
img-src 'self' data:">
{{ partial "head.html" . }}
