(incubator-hugegraph-doc) branch master updated: fix: move csp rule (#393)

Fri, 14 Feb 2025 00:52:16 -0800 

This is an automated email from the ASF dual-hosted git repository.

zhaocong pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph-doc.git


The following commit(s) were added to refs/heads/master by this push:
     new 14fc1f7a fix: move csp rule (#393)
14fc1f7a is described below

commit 14fc1f7a6af0b55273ffaa9a28e05a237d1a546b
Author: imbajin <[email protected]>
AuthorDate: Fri Feb 14 16:52:04 2025 +0800

    fix: move csp rule (#393)
---
 themes/docsy/layouts/_default/baseof.html | 6 ------
 themes/docsy/layouts/partials/head.html   | 6 ++++++
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/themes/docsy/layouts/_default/baseof.html 
b/themes/docsy/layouts/_default/baseof.html
index 44902029..258a54ad 100644
--- a/themes/docsy/layouts/_default/baseof.html
+++ b/themes/docsy/layouts/_default/baseof.html
@@ -1,12 +1,6 @@
 <!doctype html>
 <html lang="{{ .Site.Language.Lang }}" class="no-js">
   <head>
-      <!-- To handle CSP policy -->
-      <meta http-equiv="Content-Security-Policy"
-            content="script-src 'self' 'unsafe-inline' 'unsafe-eval' 
https://code.jquery.com https://cdn.jsdelivr.net https://fonts.googleapis.com/;
-                    style-src 'self' 'unsafe-inline' https://code.jquery.com 
https://cdn.jsdelivr.net https://fonts.googleapis.com/;
-                    font-src 'self' https://cdn.jsdelivr.net;
-                    img-src 'self' data:">
     {{ partial "head.html" . }}
   </head>
   <body class="td-{{ .Kind }}{{ with .Page.Params.body_class }} {{ . }}{{ end 
}}">
diff --git a/themes/docsy/layouts/partials/head.html 
b/themes/docsy/layouts/partials/head.html
index 7826fd7c..61f42cce 100644
--- a/themes/docsy/layouts/partials/head.html
+++ b/themes/docsy/layouts/partials/head.html
@@ -1,5 +1,11 @@
 <meta charset="utf-8">
 <meta name="viewport" content="width=device-width, initial-scale=1, 
shrink-to-fit=no">
+<!-- To handle CSP policy -->
+<meta http-equiv="Content-Security-Policy"
+      content="
+      script-src 'self' 'unsafe-inline' 'unsafe-eval' 
https://analytics.apache.org https://code.jquery.com https://cdn.jsdelivr.net 
https://fonts.googleapis.com/;
+      style-src 'self' 'unsafe-inline' https://code.jquery.com 
https://cdn.jsdelivr.net https://fonts.googleapis.com/;
+">
 {{ hugo.Generator }}
 {{ range .AlternativeOutputFormats -}}
 <link rel="{{ .Rel }}" type="{{ .MediaType.Type }}" href="{{ .Permalink | 
safeURL }}">

Reply via email to