This is an automated email from the ASF dual-hosted git repository.
gopidesu pushed a commit to branch fix-youtube-csp
in repository https://gitbox.apache.org/repos/asf/airflow-site.git
commit 0a8a8009720048166440251c536d0de9b28cf483
Author: Pavan Kumar <gopidesupa...@gmail.com>
AuthorDate: Sat Jan 25 21:58:31 2025 +0000
Set csp headers for YouTube
---
landing-pages/site/static/.htaccess | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/landing-pages/site/static/.htaccess
b/landing-pages/site/static/.htaccess
index 428ea326df..23625847fa 100644
--- a/landing-pages/site/static/.htaccess
+++ b/landing-pages/site/static/.htaccess
@@ -39,3 +39,7 @@ RedirectMatch Permanent
^/docs/apache-airflow/(stable|2\.[0-9.]+)/howto/operator
RedirectMatch Permanent
^/docs/apache-airflow/(stable|2\.[0-9.]+)/howto/operator/gcp/vision.html
"https://airflow.apache.org/docs/apache-airflow-providers-google/stable/operators/cloud/vision.html";
RedirectMatch Permanent
^/docs/apache-airflow/(stable|2\.[0-9.]+)/howto/operator/papermill.html
"https://airflow.apache.org/docs/apache-airflow-providers-papermill/stable/operators.html";
RedirectMatch Permanent
^/docs/apache-airflow/(stable|2\.[0-9.]+)/profiling.html
"https://github.com/apache/airflow/blob/master/UPDATING.md";
+
+# Allow loading YouTube content after ensuring consent.
+# Additional allowances to be coordinated with privacy team
+Header set Content-Security-Policy "frame-src https://www.youtube-nocookie.com
https://www.youtube.com";
