mirror of https://github.com/apache/superset.git
fix(docs): removing meta tag CSP, poking more holes in htaccess (#27274)
This commit is contained in:
parent
f17afae428
commit
058d6ff5c0
|
@ -261,7 +261,6 @@ const config = {
|
|||
theme: lightCodeTheme,
|
||||
darkTheme: darkCodeTheme,
|
||||
},
|
||||
metadata: [{name: 'Content-Security-Policy', content: "default-src 'self'; frame-src 'https://calendar.google.com/' 'https://preset.io/' 'https://sidebar.bugherd.com/';"}],
|
||||
}),
|
||||
scripts: [
|
||||
'/script/matomo.js',
|
||||
|
|
|
@ -22,4 +22,14 @@ RewriteRule ^(.*)$ https://superset.apache.org/$1 [R,L]
|
|||
RewriteCond %{HTTP_HOST} ^superset.incubator.apache.org$ [NC]
|
||||
RewriteRule ^(.*)$ https://superset.apache.org/$1 [R=301,L]
|
||||
|
||||
Header set Content-Security-Policy "default-src 'self'; frame-src 'https://calendar.google.com/' 'https://preset.io/' 'https://sidebar.bugherd.com/' 'https://unpkg.com/';"
|
||||
Header set Content-Security-Policy "default-src 'self'; img-src *;"
|
||||
|
||||
Header set Content-Security-Policy "default-src 'self'; \
|
||||
script-src 'self'; \
|
||||
img-src 'self' https://static.scarf.sh *; \
|
||||
style-src 'self' https://fonts.googleapis.com; \
|
||||
script-src-elem 'self' https://www.googletagmanager.com https://www.google-analytics.com; \
|
||||
style-src-elem 'self' https://fonts.googleapis.com; \
|
||||
font-src 'self' https://fonts.gstatic.com; \
|
||||
frame-src 'self' https://calendar.google.com https://preset.io https://sidebar.bugherd.com https://unpkg.com; \
|
||||
"
|
||||
|
|
Loading…
Reference in New Issue