This is an automated email from the ASF dual-hosted git repository.
ianmcook pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-site.git
The following commit(s) were added to refs/heads/main by this push:
new 3d7c5a22637 Fix Content Security Policy errors (#595)
3d7c5a22637 is described below
commit 3d7c5a22637fb294e5e3b1f9ed0c89678f3b7bcb
Author: Ian Cook <[email protected]>
AuthorDate: Wed Feb 19 16:42:31 2025 -0700
Fix Content Security Policy errors (#595)
This fixes Content Security Policy errors in the newest version of Safari.
---
_includes/top.html | 8 +++++++-
_layouts/home.html | 2 +-
assets/js/buttons.js | 29 +++++++++++++++++++++++++++++
3 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/_includes/top.html b/_includes/top.html
index 0c1340914e1..1da899f16f7 100644
--- a/_includes/top.html
+++ b/_includes/top.html
@@ -3,6 +3,12 @@
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta http-equiv="Content-Security-Policy" content="
+ default-src 'self';
+ connect-src 'self' https://api.github.com https://buttons.github.io;
+ style-src 'self' https://fonts.googleapis.com;
+ font-src 'self' https://fonts.gstatic.com;
+ img-src 'self' https://www.apache.org;";>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- The above meta tags *must* come first in the head; any other head
content must come *after* these tags -->
{% if page.title %}
@@ -78,7 +84,7 @@
onUpdate();
</script>
- <link rel="stylesheet"
href="//fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic,900">
+ <link rel="stylesheet"
href="https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic,900";>
<link href="{{ site.baseurl }}/css/main.css" rel="stylesheet">
<link href="{{ site.baseurl }}/css/syntax.css" rel="stylesheet">
diff --git a/_layouts/home.html b/_layouts/home.html
index 7b9bacda0ef..897fddd025b 100644
--- a/_layouts/home.html
+++ b/_layouts/home.html
@@ -20,6 +20,6 @@
{% include footer.html %}
</div>
-<script async defer src="https://buttons.github.io/buttons.js";></script>
+<script async defer src="{{ site.baseurl }}/assets/js/buttons.js"></script>
</body>
</html>
diff --git a/assets/js/buttons.js b/assets/js/buttons.js
new file mode 100644
index 00000000000..3f13a5c7b55
--- /dev/null
+++ b/assets/js/buttons.js
@@ -0,0 +1,29 @@
+/*!
+ * github-buttons v2.29.1
+ * Copyright (c) 2025, なつき
+ * All rights reserved.
+ *
+ * BSD 2-Clause License
+
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
this
+ list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
+ */
+!function(){"use strict";var
e=window.document,o=e.location,t=window.Math,r=window.HTMLElement,a=window.XMLHttpRequest,n="github-button",i="https://buttons.github.io/buttons.html",c="github.com",l="https://api."+c,d=a&&"prototype"in
a&&"withCredentials"in a.prototype,s=d&&r&&"attachShadow"in
r.prototype&&!("prototype"in r.prototype.attachShadow),u=function(e,o){for(var
t=0,r=e.length;t<r;t++)o(e[t])},f=function(e){return function(o,t,r){var
a=e.createElement(o);if(null!=t)for(var n in t) [...]
