[jira] [Commented] (SEDONA-747) The Content-Security-Policy header must not be overridden

Sebb (Jira) Tue, 28 Oct 2025 16:18:05 -0700


    [ 
https://issues.apache.org/jira/browse/SEDONA-747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18033705#comment-18033705
 ]


Sebb commented on SEDONA-747:
-----------------------------

There is still an override in place:

[https://github.com/apache/sedona-website/blob/asf-site/.htaccess]

 

Also note that the policy says that any exceptions must have been approved, and 
a reference to the approval must be commented in the .htaccess file

> The Content-Security-Policy header must not be overridden
> ---------------------------------------------------------
>
>                 Key: SEDONA-747
>                 URL: https://issues.apache.org/jira/browse/SEDONA-747
>             Project: Apache Sedona
>          Issue Type: Bug
>            Reporter: Sebb
>            Priority: Major
>             Fix For: 1.8.0
>
>
> [https://github.com/apache/sedona-website/blob/02c282889ff836fc51995cad4ecad38eab09471f/.htaccess#L1]
>  
> The Content-Security-Policy header must not be overridden.
> There is now a standard way to add local exceptions to the CSP:
> [https://infra.apache.org/tools/csp.html]
> Please update the .htaccess file accordingly.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SEDONA-747) The Content-Security-Policy header must not be overridden

Reply via email to