From: Tobias Burnus <tobias@codesourcery.com>
To: <gcc-patches@gcc.gnu.org>, Gerald Pfeifer <gerald@pfeifer.com>
Subject: Re: [DOCS] sphinx: use new Sphinx links
Date: Thu, 10 Nov 2022 11:36:50 +0100 [thread overview]
Message-ID: <868ba580-dc90-7473-8bc0-7b8d5dae4cd0@codesourcery.com> (raw)
In-Reply-To: <638cad2d-9463-ad35-4b67-d18b42027521@pfeifer.com>
Hi,
On 10.11.22 11:03, Gerald Pfeifer wrote:
> On Thu, 10 Nov 2022, Martin Liška wrote:
>>> https://gcc.gnu.org/install/ is back with a new face.
>> But it's not working properly due to some Content Security Policy:
> Hmm, it worked in my testing before and I just tried again:
> Firefox 106.0.1 (64-bit)
Did you open the console (F12)? If I do, I see the errors:
Content Security Policy: The page’s settings blocked the loading of a
resource at inline (“default-src”). That's for line 18, which is
'<style>'. The next one is for line 42 (same error) which is for:
<script>document.body.dataset.theme = localStorage.getItem("theme") ||
"auto"; </script>And then there is twice: Content Security Policy: The
page’s settings blocked the loading of a resource at
data:image/svg+xml;charset=utf-8,<svg xm… (“default-src”).
> (It feels a bit curious how the position in the web server's file system
> or a symlink could trigger something like that?)
If you look at the output of 'curl -I', which shows only the HTTP header, you will
see that only the /install/ URL has:
content-security-policy: default-src 'self' http: https:
There must be some server configuration that add this - but it does not seem
to be in the .ht* files in the wwwdocs git repo.
I could imaging that /install often contains some files in the default config
such that the central Apache configuration contains has this line to disallow code.
As most production servers don't use /install - it won't affect them and protects
them from some issues. → Something for overseers to check.
For a description, see:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
and https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* * *
> Looking at the source code of index.html I am wondering about
> <html class="no-js" lang="en">
> versus all the .js inclusions later on.
But that only confuses humans - for the computer, it is just the name of
a CSS style sheet class.
Tobias
-----------------
Siemens Electronic Design Automation GmbH; Anschrift: Arnulfstraße 201, 80634 München; Gesellschaft mit beschränkter Haftung; Geschäftsführer: Thomas Heurung, Frank Thürauf; Sitz der Gesellschaft: München; Registergericht München, HRB 106955
next prev parent reply other threads:[~2022-11-10 10:36 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-09 11:13 Martin Liška
2022-11-09 11:22 ` Martin Liška
2022-11-09 13:49 ` Martin Liška
2022-11-10 8:28 ` Gerald Pfeifer
2022-11-10 8:50 ` Martin Liška
2022-11-10 9:35 ` Gerald Pfeifer
2022-11-10 9:39 ` Martin Liška
2022-11-10 10:03 ` Gerald Pfeifer
2022-11-10 10:36 ` Martin Liška
2022-11-10 10:36 ` Tobias Burnus [this message]
2022-11-12 9:30 ` Gerald Pfeifer
2022-11-12 19:12 ` Gerald Pfeifer
2022-11-10 15:37 ` old install to a different folder Martin Liška
2022-11-10 19:24 ` Gerald Pfeifer
2022-11-11 8:40 ` Tobias Burnus
2022-11-11 8:50 ` Martin Liška
2022-11-11 9:11 ` Tobias Burnus
2022-11-11 10:18 ` Richard Biener
2022-11-11 10:33 ` Martin Liška
2022-11-11 10:37 ` Tobias Burnus
2022-11-12 0:06 ` Joseph Myers
2022-11-13 19:43 ` Martin Liška
2022-11-14 1:21 ` Gerald Pfeifer
2022-11-14 3:14 ` Martin Liška
2022-11-09 22:13 ` [DOCS] sphinx: use new Sphinx links Gerald Pfeifer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=868ba580-dc90-7473-8bc0-7b8d5dae4cd0@codesourcery.com \
--to=tobias@codesourcery.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=gerald@pfeifer.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).