niallkp commented on PR #292:
URL:
https://github.com/apache/maven-apache-parent/pull/292#issuecomment-2629631460
> @niallkp do you confirm that maven.apache.org webserver csp has been
updated during last month to enforce that "4. Using Assets from other Domains"
restriction, please?
hboutemy commented on PR #292:
URL:
https://github.com/apache/maven-apache-parent/pull/292#issuecomment-2629482162
@niallkp do you confirm that maven.apache.org webserver csp has been updated
during last month to enforce that "4. Using Assets from other Domains"
restriction, please?
--
hboutemy commented on PR #292:
URL:
https://github.com/apache/maven-apache-parent/pull/292#issuecomment-2629478533
https://privacy.apache.org/policies/website-policy.html
> 4) Using Assets from other Domains
> Assets (JavaScript files or snippets, images, fonts, CSS, etc.) from oth
hboutemy commented on PR #292:
URL:
https://github.com/apache/maven-apache-parent/pull/292#issuecomment-262948
https://infra.apache.org/csp.html supposed to be become effective March 1,
2025.
Not sure this is what is currently causing the issue, but perhaps there is
an intermediate
hboutemy commented on PR #292:
URL:
https://github.com/apache/maven-apache-parent/pull/292#issuecomment-2629476591
ok, researching:
https://en.wikipedia.org/wiki/Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
I su
hboutemy commented on PR #292:
URL:
https://github.com/apache/maven-apache-parent/pull/292#issuecomment-2629344560
uh, looking at example, it seems badges are now blocked by csp
I'm not an expert, help appreciated to explain what exactly causes that,
what should be done (probably at mave
