This is an automated email from the ASF dual-hosted git repository.
rusackas pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/superset.git
The following commit(s) were added to refs/heads/master by this push:
new 06deaebe19 fix(docs): poking a CSP hole for Kapa AI widget (#32704)
06deaebe19 is described below
commit 06deaebe19bc53fabf671397828652d54b72acd7
Author: Evan Rusackas <[email protected]>
AuthorDate: Mon Mar 17 11:33:15 2025 -0600
fix(docs): poking a CSP hole for Kapa AI widget (#32704)
---
docs/static/.htaccess | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/static/.htaccess b/docs/static/.htaccess
index 179d9a0472..2b66800a88 100644
--- a/docs/static/.htaccess
+++ b/docs/static/.htaccess
@@ -22,7 +22,7 @@ RewriteRule ^(.*)$ https://superset.apache.org/$1 [R,L]
RewriteCond %{HTTP_HOST} ^superset.incubator.apache.org$ [NC]
RewriteRule ^(.*)$ https://superset.apache.org/$1 [R=301,L]
-Header set Content-Security-Policy "default-src data: blob: 'self'
*.apache.org *.githubusercontent.com *.scarf.sh *.googleapis.com *.github.com
*.algolia.net *.algolianet.com 'unsafe-inline' 'unsafe-eval'; frame-src *;
frame-ancestors 'self' *.google.com https://sidebar.bugherd.com; form-action
'self'; worker-src blob:; img-src 'self' blob: data: https:; font-src 'self';
object-src 'none'"
+Header set Content-Security-Policy "default-src data: blob: 'self'
*.apache.org widget.kapa.ai *.githubusercontent.com *.scarf.sh *.googleapis.com
*.github.com *.algolia.net *.algolianet.com 'unsafe-inline' 'unsafe-eval';
frame-src *; frame-ancestors 'self' *.google.com https://sidebar.bugherd.com;
form-action 'self'; worker-src blob:; img-src 'self' blob: data: https:;
font-src 'self'; object-src 'none'"
# REDIRECTS