[jira] [Commented] (IOTDB-6358) The Content-Security-Policy header must not be overridden

Sebb (Jira) Tue, 28 Oct 2025 16:10:04 -0700


    [ 
https://issues.apache.org/jira/browse/IOTDB-6358?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18033704#comment-18033704
 ]


Sebb commented on IOTDB-6358:
-----------------------------

Please note that the policy says that any exceptions must have been approved, 
and a reference to the approval must be commented in the .htaccess file

> The Content-Security-Policy header must not be overridden
> ---------------------------------------------------------
>
>                 Key: IOTDB-6358
>                 URL: https://issues.apache.org/jira/browse/IOTDB-6358
>             Project: Apache IoTDB
>          Issue Type: Bug
>          Components: Website
>            Reporter: Sebb
>            Priority: Major
>
> https://github.com/apache/iotdb-website/blob/c7f0c273ffbb72036c853f367a4e1f3aff201029/.htaccess#L9
> The Content-Security-Policy header must not be overridden.
> There is now a standard way to add local exceptions to the CSP:
> [https://infra.apache.org/tools/csp.html]
> Please update the .htaccess file accordingly.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (IOTDB-6358) The Content-Security-Policy header must not be overridden

Reply via email to