This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch activemq-6.1.x
in repository https://gitbox.apache.org/repos/asf/activemq.git
The following commit(s) were added to refs/heads/activemq-6.1.x by this push:
new d6b6c4fd25 AMQ-9739: Removed "upgrade-insecure-requests" from the Web
Console's Content-Security-Policy header. (#1472)
d6b6c4fd25 is described below
commit d6b6c4fd250bd6d973b2cdaa85c49132c451a336
Author: Sérgio Lemos <[email protected]>
AuthorDate: Thu Aug 21 08:58:50 2025 -0700
AMQ-9739: Removed "upgrade-insecure-requests" from the Web Console's
Content-Security-Policy header. (#1472)
Fixes issues loading assets when serving the Web Console via HTTP.
(cherry picked from commit 35197b44c51c4d93c2e1f6bf548fe8282a4e3586)
---
assembly/src/release/conf/jetty.xml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/assembly/src/release/conf/jetty.xml
b/assembly/src/release/conf/jetty.xml
index 75923e6dbe..cb3d281ea3 100644
--- a/assembly/src/release/conf/jetty.xml
+++ b/assembly/src/release/conf/jetty.xml
@@ -82,13 +82,13 @@
<bean id="header"
class="org.eclipse.jetty.rewrite.handler.HeaderPatternRule">
<property name="pattern" value="*"/>
<property name="name" value="Content-Security-Policy"/>
- <property name="value" value="upgrade-insecure-requests;
style-src-elem 'self'; style-src 'self'; img-src 'self'; script-src-elem
'self'; default-src 'none'; object-src 'none'; frame-ancestors 'none'; base-uri
'none';" />
+ <property name="value" value="style-src-elem 'self';
style-src 'self'; img-src 'self'; script-src-elem 'self'; default-src 'none';
object-src 'none'; frame-ancestors 'none'; base-uri 'none';" />
</bean>
<!-- More relaxed rules to allow browsers to properly render
XML -->
<bean id="header"
class="org.eclipse.jetty.rewrite.handler.HeaderPatternRule">
<property name="pattern" value="/admin/xml/*"/>
<property name="name" value="Content-Security-Policy"/>
- <property name="value" value="upgrade-insecure-requests;
style-src-elem 'self' 'unsafe-inline'; style-src 'self'; img-src 'self' data:;
script-src-elem 'self'; default-src 'none'; object-src 'none'; frame-ancestors
'none'; base-uri 'none';" />
+ <property name="value" value="style-src-elem 'self'
'unsafe-inline'; style-src 'self'; img-src 'self' data:; script-src-elem
'self'; default-src 'none'; object-src 'none'; frame-ancestors 'none'; base-uri
'none';" />
</bean>
</list>
</property>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
