Skip to content

Commit

Permalink
fix(docs): more CSP tweaks (#27280)
Browse files Browse the repository at this point in the history
  • Loading branch information
@rusackas
rusackas committed Feb 28, 2024
1 parent 7a86d5e commit 0468c57
Showing 1 changed file with 1 addition and 7 deletions.
8 changes: 1 addition & 7 deletions docs/static/.htaccess
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,4 @@ RewriteRule ^(.*)$ https://superset.apache.org/$1 [R,L]
RewriteCond %{HTTP_HOST} ^superset.incubator.apache.org$ [NC]
RewriteRule ^(.*)$ https://superset.apache.org/$1 [R=301,L]

Header set Content-Security-Policy "default-src data: blob: 'self' *.apache.org *.bugherd.com *.scarf.sh *.googleapis.com *.googletagmanager.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval'; \
frame-src *; \
frame-ancestors 'self' *.preset.io *.google.com https://sidebar.bugherd.com https://unpkg.com; \
form-action 'self'; \
worker-src blob:; img-src 'self' blob: data: https:; \
font-src 'self' https://fonts.gstatic.com; \
object-src 'none'
Header set Content-Security-Policy "default-src data: blob: 'self' *.apache.org *.bugherd.com *.scarf.sh *.googleapis.com *.googletagmanager.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval'; frame-src *; frame-ancestors 'self' *.preset.io *.google.com https://sidebar.bugherd.com https://unpkg.com; form-action 'self'; worker-src blob:; img-src 'self' blob: data: https:; font-src 'self' https://fonts.gstatic.com; object-src 'none'"

0 comments on commit 0468c57

Please sign in to comment.