On 04/01/2020 16:00, Guilhem Moulin wrote: > On Sat, 04 Jan 2020 at 15:10:42 +0100, William Gathoye (LibreOffice) wrote: >> Content Security Policy: The page’s settings blocked the loading of a >> resource at >> http://fr.blog.documentfoundation.org/wp-json/jetpack/v4/rewind?_cacheBuster=1578146864121 >> (“connect-src”). > > What's the concrete impact of blocking that resource?
And if you have a look properly, the CSP is blocking the link because of a http->https redirection issue :) No need to weaken the CSP settings IMHO. The concrete impact is that the Jetpack control panel of the extension cannot be used at all. That extension seems to be used for comments in the comment section of the blog and to subscribe to the blog. It also manages the use of the WordPress CDN. Disabling the cache would allow to avoid future issues with that CDN and keep everything served from our servers. But I propose to postpone this and not cause a flameware with Italo since he knows better than me the implications of disabling the WordPress CDN. This blog will need to be redone in all cases. :) More on that at FOSDEM, in person :) -- William Gathoye Hyper<hack>tive volunteer for LibreOffice Proud member of The Document Foundation Member of LaMouette - French based association promoting ODF and LibreOffice -- To unsubscribe e-mail to: [email protected] Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy
