pt
/
superset
mirror of https://github.com/apache/superset.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(docs): removing meta tag CSP, poking more holes in htaccess (#27274)

This commit is contained in:
Evan Rusackas 2024-02-27 13:22:34 -07:00 committed by GitHub
parent f17afae428
commit 058d6ff5c0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/docusaurus.config.js
View File

@ -261,7 +261,6 @@ const config = {
theme: lightCodeTheme,
darkTheme: darkCodeTheme,
},
metadata: [{name: 'Content-Security-Policy', content: "default-src 'self'; frame-src 'https://calendar.google.com/' 'https://preset.io/' 'https://sidebar.bugherd.com/';"}],
}),
scripts: [
'/script/matomo.js',

12
docs/static/.htaccess vendored
View File

@ -22,4 +22,14 @@ RewriteRule ^(.*)$ https://superset.apache.org/$1 [R,L]
RewriteCond %{HTTP_HOST} ^superset.incubator.apache.org$ [NC]
RewriteRule ^(.*)$ https://superset.apache.org/$1 [R=301,L]
Header set Content-Security-Policy "default-src 'self'; frame-src 'https://calendar.google.com/' 'https://preset.io/' 'https://sidebar.bugherd.com/' 'https://unpkg.com/';"
Header set Content-Security-Policy "default-src 'self'; img-src *;"
Header set Content-Security-Policy "default-src 'self'; \
script-src 'self'; \
img-src 'self' https://static.scarf.sh *; \
style-src 'self' https://fonts.googleapis.com; \
script-src-elem 'self' https://www.googletagmanager.com https://www.google-analytics.com; \
style-src-elem 'self' https://fonts.googleapis.com; \
font-src 'self' https://fonts.gstatic.com; \
frame-src 'self' https://calendar.google.com https://preset.io https://sidebar.bugherd.com https://unpkg.com; \
"