This is an automated email from the ASF dual-hosted git repository.
bchapuis pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-baremaps.git
The following commit(s) were added to refs/heads/main by this push:
new 0f05dead2 Improve CSP directive (#944)
0f05dead2 is described below
commit 0f05dead22d7906e2453a6a4cb585a41bac62774
Author: Yongjun Hong <[email protected]>
AuthorDate: Sun Feb 2 04:51:44 2025 +0900
Improve CSP directive (#944)
* Remove duplicate url from script-src
* Add tile.openstreetmap.org to directive
---
baremaps-server/src/main/resources/dem/index.html | 4 ++--
baremaps-server/src/main/resources/static/server.html | 4 ++--
baremaps-server/src/main/resources/static/viewer.html | 4 ++--
basemap/index.html | 4 ++--
examples/openstreetmap/index.html | 4 ++--
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/baremaps-server/src/main/resources/dem/index.html
b/baremaps-server/src/main/resources/dem/index.html
index 374875b27..4164141e9 100644
--- a/baremaps-server/src/main/resources/dem/index.html
+++ b/baremaps-server/src/main/resources/dem/index.html
@@ -22,8 +22,8 @@ limitations under the License.
<meta charset='utf-8'>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Security-Policy" content="
- default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org;
- script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://unpkg.com https://baremaps.apache.org 'unsafe-inline';
+ default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org https://tile.openstreetmap.org;
+ script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org 'unsafe-inline';
worker-src 'self' blob:;
child-src 'self' blob:;
img-src 'self' data: blob: http://127.0.0.1:* http://localhost:*
https://unpkg.com https://baremaps.apache.org;
diff --git a/baremaps-server/src/main/resources/static/server.html
b/baremaps-server/src/main/resources/static/server.html
index 966877f9f..ea15d7f95 100644
--- a/baremaps-server/src/main/resources/static/server.html
+++ b/baremaps-server/src/main/resources/static/server.html
@@ -18,8 +18,8 @@ limitations under the License.
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="
- default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org;
- script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://unpkg.com https://baremaps.apache.org 'unsafe-inline';
+ default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org https://tile.openstreetmap.org;
+ script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org 'unsafe-inline';
worker-src 'self' blob:;
child-src 'self' blob:;
img-src 'self' data: blob: http://127.0.0.1:* http://localhost:*
https://unpkg.com https://baremaps.apache.org;
diff --git a/baremaps-server/src/main/resources/static/viewer.html
b/baremaps-server/src/main/resources/static/viewer.html
index 00f8326b9..64e52e1da 100644
--- a/baremaps-server/src/main/resources/static/viewer.html
+++ b/baremaps-server/src/main/resources/static/viewer.html
@@ -18,8 +18,8 @@ limitations under the License.
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="
- default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org;
- script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://unpkg.com https://baremaps.apache.org 'unsafe-inline';
+ default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org https://tile.openstreetmap.org;
+ script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org 'unsafe-inline';
worker-src 'self' blob:;
child-src 'self' blob:;
img-src 'self' data: blob: http://127.0.0.1:* http://localhost:*
https://unpkg.com https://baremaps.apache.org;
diff --git a/basemap/index.html b/basemap/index.html
index 966877f9f..ea15d7f95 100644
--- a/basemap/index.html
+++ b/basemap/index.html
@@ -18,8 +18,8 @@ limitations under the License.
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="
- default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org;
- script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://unpkg.com https://baremaps.apache.org 'unsafe-inline';
+ default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org https://tile.openstreetmap.org;
+ script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org 'unsafe-inline';
worker-src 'self' blob:;
child-src 'self' blob:;
img-src 'self' data: blob: http://127.0.0.1:* http://localhost:*
https://unpkg.com https://baremaps.apache.org;
diff --git a/examples/openstreetmap/index.html
b/examples/openstreetmap/index.html
index 966877f9f..ea15d7f95 100644
--- a/examples/openstreetmap/index.html
+++ b/examples/openstreetmap/index.html
@@ -18,8 +18,8 @@ limitations under the License.
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="
- default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org;
- script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://unpkg.com https://baremaps.apache.org 'unsafe-inline';
+ default-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org https://tile.openstreetmap.org;
+ script-src 'self' http://127.0.0.1:* http://localhost:* https://unpkg.com
https://baremaps.apache.org 'unsafe-inline';
worker-src 'self' blob:;
child-src 'self' blob:;
img-src 'self' data: blob: http://127.0.0.1:* http://localhost:*
https://unpkg.com https://baremaps.apache.org;
