Author: fanningpj
Date: Sat Feb 17 19:57:41 2024
New Revision: 1915852
URL: http://svn.apache.org/viewvc?rev=1915852&view=rev
Log:
try to disable most security headers
Modified:
poi/site/publish/.htaccess
Modified: poi/site/publish/.htaccess
URL:
http://svn.apache.org/viewvc/poi/site/publish/.htaccess?rev=1915852&r1=1915851&r2=1915852&view=diff
==============================================================================
--- poi/site/publish/.htaccess (original)
+++ poi/site/publish/.htaccess Sat Feb 17 19:57:41 2024
@@ -1,5 +1,3 @@
-# TODO Redirect to HTTPS by default
-
# Redirect the older H##F pages to their new common locations
RewriteEngine On
RewriteRule ^hssf/(.*)$ http://poi.apache.org/components/spreadsheet/$1
[R=permanent]
@@ -27,10 +25,10 @@ RewriteRule ^apidocs/(overview*)$ /apido
# Security Headers
Header set Strict-Transport-Security "max-age=31536000"
-Header set Content-Security-Policy "frame-src 'self' ;"
+# Header set Content-Security-Policy "frame-src 'self' ;"
# Header set Content-Security-Policy "default-src 'self'
https://poi.apache.org/ ; style-src 'self' https://poi.apache.org/
'unsafe-inline' ; script-src 'self' https://poi.apache.org/ 'unsafe-inline' ;
frame-src 'self' ;"
-Header always set X-Frame-Options SAMEORIGIN
-Header set X-Content-Type-Options nosniff
-Header set X-XSS-Protection "1; mode=block"
-Header set Referrer-Policy: strict-origin
+# Header always set X-Frame-Options SAMEORIGIN
+# Header set X-Content-Type-Options nosniff
+# Header set X-XSS-Protection "1; mode=block"
+# Header set Referrer-Policy: strict-origin
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@poi.apache.org
For additional commands, e-mail: commits-h...@poi.apache.org
