Hi, when the accessing Javadocs on the new ci-builds.apache.org the server sends
Content-Security-Policy: sandbox; default-src 'none'; img-src 'self'; style-src 'self'; which causes that the "nightly" docs aren't shown properly in the browser, eg. - frames are empty https://ci-builds.apache.org/job/Nutch/job/Nutch-trunk/javadoc/index.html?overview-tree.html - or XSLT is not applied https://ci-builds.apache.org/job/Nutch/job/Nutch-trunk/javadoc/resources/nutch-default.xml The old builds.apache.org didn't send a X-Content-Security-Policy header and the docs are shown appropriately: https://builds.apache.org/job/nutch-trunk/javadoc/index.html?overview-tree.html https://builds.apache.org/job/nutch-trunk/javadoc/resources/nutch-default.xml Is there are reason for the stricter security policy? If yes, what is the preferred way to publish documentation of nightly builds? Thanks, Sebastian
