This is an automated email from the ASF dual-hosted git repository. zhangjuntao pushed a commit to branch Jtrust-patch-2 in repository https://gitbox.apache.org/repos/asf/skywalking-website.git
commit 5ce496de28823c7eb8cb173ba8f941cf3c634ad9 Author: Zhang Juntao <[email protected]> AuthorDate: Sun Jan 25 15:32:40 2026 +0800 Update Content-Security-Policy in .htaccess --- .htaccess | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.htaccess b/.htaccess index 6688f2aa0d7..9781732378b 100644 --- a/.htaccess +++ b/.htaccess @@ -2,13 +2,12 @@ ErrorDocument 404 /404.html <IfModule mod_headers.c> Header always set Content-Security-Policy "default-src 'self'; \ - script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.algolianet.com https://*.algolia.net https://*.algolia.io https://api.github.com https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app https://*.hcaptcha.com; \ - connect-src 'self' https://*.algolianet.com https://*.algolia.net https://*.algolia.io https://api.github.com https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app https://*.hcaptcha.com; \ + script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.algolianet.com https://*.algolia.net https://*.algolia.io https://api.github.com https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app https://js.hcaptcha.com https://*.hcaptcha.com https://*.apache.org https://apache.org https://*.scarf.sh https://www.apachecon.com https://www.communityovercode.org; \ + connect-src 'self' https://*.algolianet.com https://*.algolia.net https://*.algolia.io https://api.github.com https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app https://*.hcaptcha.com https://*.apache.org https://apache.org https://*.scarf.sh; \ frame-src 'self' https://www.youtube.com https://player.bilibili.com https://*.hcaptcha.com; \ style-src 'self' 'unsafe-inline' https:; \ img-src 'self' data: https:; \ font-src 'self' data: https:; \ - media-src 'self' https:; \ object-src 'none'; \ frame-ancestors 'self'; \ upgrade-insecure-requests;"
