dosubot[bot] commented on issue #32606: URL: https://github.com/apache/superset/issues/32606#issuecomment-2715856915
<!-- Answer --> To resolve the "Access Denied" error for Slack images in Apache Superset, you can update the `TALISMAN_CONFIG` to allow the new Slack CDN URL. Here's how you can do it: 1. **Update the `TALISMAN_CONFIG`:** Modify the `img-src` directive to include the new Slack CDN URL (`https://cdn.brandfolder.io/`). Here's an example configuration: ```python TALISMAN_CONFIG = { "content_security_policy": { "base-uri": ["'self'"], "default-src": ["'self'"], "img-src": [ "'self'", "blob:", "data:", "https://apachesuperset.gateway.scarf.sh";, "https://static.scarf.sh/";, "https://cdn.brandfolder.io/";, # Updated Slack CDN URL "ows.terrestris.de", ], "worker-src": ["'self'", "blob:"], "connect-src": [ "'self'", "https://api.mapbox.com";, "https://events.mapbox.com";, ], "object-src": "'none'", "style-src": [ "'self'", "'unsafe-inline'", ], "script-src": ["'self'", "'strict-dynamic'"], }, "content_security_policy_nonce_in": ["script-src"], "force_https": False, "session_cookie_secure": False, } ``` 2. **Enable Slack Avatars:** Ensure that `SLACK_ENABLE_AVATARS` is set to `True` in your configuration to allow Slack avatars to be fetched: ```python "SLACK_ENABLE_AVATARS": True, ``` 3. **Documentation:** Consider adding documentation to guide users on configuring external image sources securely, avoiding the use of wildcards. By following these steps, you should be able to load Slack images securely without encountering the "Access Denied" error. <!-- Dosu Comment Footer --> *To continue talking to [Dosu](https://dosu.dev), mention @dosu.* --- <sup>Help Dosu learn! Give it feedback: [Great Response](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=great_response) | [Irrelevant Answer](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=irrelevant_answer) | [Incorrect Sources](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=incorrect_sources) | [Too Verbose](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=hallucination) | [Bug Report](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/4fdbfa3f-fad6-48ee-85c1-8b37e255ae52?feedback_type=other)</sup> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
