This is an automated email from the ASF dual-hosted git repository.
xiangfu pushed a commit to branch new-static-prod
in repository https://gitbox.apache.org/repos/asf/pinot-site.git
The following commit(s) were added to refs/heads/new-static-prod by this push:
new 85bac476 Add script-src-elem to Apache CSP
85bac476 is described below
commit 85bac476c4d3b99043c7c80b9ac41c25be9d5685
Author: Xiang Fu <[email protected]>
AuthorDate: Fri Jan 2 10:14:57 2026 -0800
Add script-src-elem to Apache CSP
---
.htaccess | 1 +
1 file changed, 1 insertion(+)
diff --git a/.htaccess b/.htaccess
index 07514ad7..7d91502d 100644
--- a/.htaccess
+++ b/.htaccess
@@ -2,6 +2,7 @@
Header unset Content-Security-Policy
Header always set Content-Security-Policy "default-src 'self'; \
script-src 'self' 'unsafe-eval' 'unsafe-inline' giscus.app analytics.umami.is
analytics.apache.org www.youtube.com; \
+script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' giscus.app
analytics.umami.is analytics.apache.org www.youtube.com; \
style-src 'self' 'unsafe-inline'; \
img-src * blob: data:; \
media-src *.s3.amazonaws.com; \
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
