[jira] [Created] (HBASE-29379) Photo images are blocked by CSP on Team website page

Jira Fri, 06 Jun 2025 00:07:47 -0700

Dávid Paksy created HBASE-29379:
-----------------------------------

             Summary: Photo images are blocked by CSP on Team website page
                 Key: HBASE-29379
                 URL: https://issues.apache.org/jira/browse/HBASE-29379
             Project: HBase
          Issue Type: Bug
          Components: website
            Reporter: Dávid Paksy
         Attachments: image-2025-06-06-09-03-12-039.png, 
image-2025-06-06-09-04-00-402.png


It seems that the recently enabled Content Security Policy (CSP) now blocks 
photo images of team members on the project team page: 
[https://hbase.apache.org/team.html]

Also there is an error logged to browser dev tool console about this:
{noformat}
Refused to load the image 
'https://www.gravatar.com/avatar/de20895d3fbc56885e0c6679e428113d?d=mm&s=60' 
because it violates the following Content Security Policy directive: 
"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' 
https://www.apachecon.com/ https://www.communityovercode.org/ 
https://*.apache.org/ https://apache.org/ https://*.scarf.sh/";. Note that 
'img-src' was not explicitly set, so 'default-src' is used as a 
fallback.{noformat}
Before:

!image-2025-06-06-09-03-12-039.png!

 

Now

!image-2025-06-06-09-04-00-402.png!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (HBASE-29379) Photo images are blocked by CSP on Team website page

Reply via email to