This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/attic-docker.git
The following commit(s) were added to refs/heads/main by this push:
new 39c05bb Resync CSP
39c05bb is described below
commit 39c05bb8ef5118ec0b9ce9bb6306de57f68bd411
Author: Sebb <[email protected]>
AuthorDate: Wed Mar 26 13:01:42 2025 +0000
Resync CSP
---
config/000-default.conf | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/config/000-default.conf b/config/000-default.conf
index 7e50eb1..b7d9d68 100644
--- a/config/000-default.conf
+++ b/config/000-default.conf
@@ -27,11 +27,7 @@
<If "-d '/var/www/site.apache.org/_CSP'">
- Header set Content-Security-Policy "default-src 'self' \
- data: 'unsafe-inline' https://www.apachecon.com/
https://www.communityovercode.org/ https://analytics.apache.org/; \
- script-src 'self' 'unsafe-inline' 'unsafe-eval'
https://analytics.apache.org/; \
- style-src 'self' 'unsafe-inline' data:; frame-ancestors
'self'; \
- img-src 'self' data: https://www.apache.org/;";
+ Header set Content-Security-Policy "default-src 'self' data: blob:
'unsafe-inline' https://www.apachecon.com/ https://www.communityovercode.org/
https://analytics.apache.org/; script-src 'self' 'unsafe-inline' 'unsafe-eval'
https://www.apachecon.com/ https://*.apache.org/ https://apache.org/; style-src
'self' 'unsafe-inline' data: https://*.apache.org/ https://apache.org/;
frame-ancestors 'self'; frame-src 'self' data: blob:; img-src 'self' data:
https://*.apache.org/ https://apa [...]
</If>
# Filter website to add Attic header if marker directory is present
