It’s a shame. The avatars make the site better. And no one’s privacy is being violated. Julian
> On Feb 17, 2025, at 05:40, Istvan Toth <st...@cloudera.com.invalid> wrote: > > I prefer removing the avatars. > Having snapshots for existing ppl is half-solution, and trying to add some > kind of sync mechanism on build would be a waste of energy. > > Istvan > >> On Mon, Feb 17, 2025 at 4:45 AM Francis Chuang <francischu...@apache.org> >> wrote: >> >> There are numerous broken resources on our websites due to the >> Content-Security-Policy HTTP header deployed by the ASF [1]. >> >> The CSP is quite restrictive: default-src 'self' data: blob: >> 'unsafe-inline' https://www.apachecon.com/ >> https://www.communityovercode.org/ https://analytics.apache.org/; >> script-src 'self' 'unsafe-inline' 'unsafe-eval' >> https://analytics.apache.org/; style-src 'self' 'unsafe-inline' data:; >> frame-ancestors 'self'; frame-src 'self' data: blob:; img-src 'self' >> data: https://*.apache.org/; worker-src 'self' data: blob:; >> >> I was able to fix the Lato font not loading on the Calcite and Avatica >> sites by self-hosting it in CALCITE-6843 [2]. >> >> There are still quite a few resources broken on both the Calcite and >> Avatica sites, mostly images. For most images, we can easily self-host >> our own copy. However, we use GitHub avatars for the Community and News >> pages on both sites. We can either self-host all the avatars (but they >> won't be updated if the user changes them on GitHub) or we can get rid >> of them. >> >> What do you guys think? >> >> Francis >> >> [1] https://infra.apache.org/csp.html >> [2] https://issues.apache.org/jira/browse/CALCITE-6843 >> > > > -- > *István Tóth* | Sr. Staff Software Engineer > *Email*: st...@cloudera.com > cloudera.com <https://www.cloudera.com> > [image: Cloudera] <https://www.cloudera.com/> > [image: Cloudera on Twitter] <https://twitter.com/cloudera> [image: > Cloudera on Facebook] <https://www.facebook.com/cloudera> [image: Cloudera > on LinkedIn] <https://www.linkedin.com/company/cloudera> > ------------------------------ > ------------------------------
