[jira] [Commented] (KAFKA-19835) The Content-Security-Policy header must not be overridden

ASF GitHub Bot (Jira) Sun, 26 Oct 2025 00:48:27 -0700


    [ 
https://issues.apache.org/jira/browse/KAFKA-19835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18032997#comment-18032997
 ]


ASF GitHub Bot commented on KAFKA-19835:
----------------------------------------

brandboat commented on PR #733:
URL: https://github.com/apache/kafka-site/pull/733#issuecomment-3448101426

   @sebbASF, thanks for the comment! The reason we add youtube here is due to 
we use embedded youtube videos in QuickStart, KafkaStreams page, see 
https://kafka.apache.org/quickstart, 
https://kafka.apache.org/documentation/streams/
   Without this, browsers will block these iframes and videos won't display.




> The Content-Security-Policy header must not be overridden
> ---------------------------------------------------------
>
>                 Key: KAFKA-19835
>                 URL: https://issues.apache.org/jira/browse/KAFKA-19835
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Sebb
>            Assignee: Kuan Po Tseng
>            Priority: Major
>
> [https://github.com/apache/kafka-site/blob/905299a0b7e2e3892d9493c7dcaaf78dce035c00/.htaccess#L13]
> The Content-Security-Policy header must not be overridden.
> There is now a standard way to add local exceptions to the CSP:
> [https://infra.apache.org/tools/csp.html]
> Please update the .htaccess file accordingly.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (KAFKA-19835) The Content-Security-Policy header must not be overridden

Reply via email to