[
https://issues.apache.org/jira/browse/GROOVY-11773?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Paul King closed GROOVY-11773.
------------------------------
Resolution: Fixed
> Search on groovy.apache.org broken due to CSP violation
> -------------------------------------------------------
>
> Key: GROOVY-11773
> URL: https://issues.apache.org/jira/browse/GROOVY-11773
> Project: Groovy
> Issue Type: Bug
> Environment: macOS; Brave (Browser)
> Reporter: Gerd Aschemann
> Priority: Major
> Labels: web
>
> When opening the [search page|https://groovy.apache.org/search.html] on the
> [Apache Groovy Site|https://groovy.apache.org/], it does not show a search
> form/button. Instead an error is printed to the (Browser) console:
>
> {code:java}
> search.html:77 Refused to load the script
> 'https://www.google.com/cse/cse.js?cx=0139398…:hbhn__olhii' because it
> violates the following Content Security Policy directive: "script-src 'self'
> data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/
> https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/
> https://*.scarf.sh/";. Note that 'script-src-elem' was not explicitly set, so
> 'script-src' is used as a fallback.
> (anonymous)@search.html:77(anonymous)@search.html:78 {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
