[jira] [Created] (GROOVY-11773) Search on groovy.apache.org broken due to CSP violation

Gerd Aschemann (Jira) Sat, 18 Oct 2025 05:36:25 -0700

Gerd Aschemann created GROOVY-11773:
---------------------------------------


             Summary: Search on groovy.apache.org broken due to CSP violation
                 Key: GROOVY-11773
                 URL: https://issues.apache.org/jira/browse/GROOVY-11773
             Project: Groovy
          Issue Type: Bug
         Environment: macOS; Brave (Browser)
            Reporter: Gerd Aschemann


When opening the [search page|https://groovy.apache.org/search.html] on the 
[Apache Groovy Site|https://groovy.apache.org/], it does not show a search 
form/button. Instead an error is printed to the (Browser) console:

 
{code:java}
search.html:77 Refused to load the script 
'https://www.google.com/cse/cse.js?cx=0139398…:hbhn__olhii' because it violates 
the following Content Security Policy directive: "script-src 'self' data: blob: 
'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ 
https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ 
https://*.scarf.sh/";. Note that 'script-src-elem' was not explicitly set, so 
'script-src' is used as a fallback.
(anonymous)@search.html:77(anonymous)@search.html:78 {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (GROOVY-11773) Search on groovy.apache.org broken due to CSP violation

Reply via email to