From 7f45c286d00204dea98921324284bc070298549f Mon Sep 17 00:00:00 2001 From: "mintlify[bot]" <109931778+mintlify[bot]@users.noreply.github.com> Date: Tue, 17 Mar 2026 17:41:52 +0000 Subject: [PATCH 1/2] Remove api.mintlifytrieve.com from CSP configuration docs Generated-By: mintlify-agent --- deploy/csp-configuration.mdx | 9 ++++----- es/deploy/csp-configuration.mdx | 9 ++++----- fr/deploy/csp-configuration.mdx | 9 ++++----- zh/deploy/csp-configuration.mdx | 9 ++++----- 4 files changed, 16 insertions(+), 20 deletions(-) diff --git a/deploy/csp-configuration.mdx b/deploy/csp-configuration.mdx index 0aae91563..6d424a1ca 100644 --- a/deploy/csp-configuration.mdx +++ b/deploy/csp-configuration.mdx @@ -31,7 +31,6 @@ The following CSP directives are used to control which resources can be loaded: | `d1ctpt7j8wusba.cloudfront.net` | Mint version and release files | `connect-src` | Required | | `mintcdn.com` | Images, favicons | `img-src`, `connect-src` | Required | | `*.mintcdn.com` | Images, favicons | `img-src`, `connect-src` | Required | -| `api.mintlifytrieve.com` | Search API | `connect-src` | Required | | `cdn.jsdelivr.net` | Emoji assets for OG images | `script-src`, `img-src` | Required | | `mintlify.s3.us-west-1.amazonaws.com` | S3-hosted images | `img-src` | Required | | `fonts.googleapis.com` | Google Fonts | `style-src`, `font-src` | Optional | @@ -62,7 +61,7 @@ style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.c font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com -api.mintlifytrieve.com www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; +www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; frame-src 'self' *.mintlify.dev; ``` @@ -81,7 +80,7 @@ Create a Response Header Transform Rule: - **Header name**: `Content-Security-Policy` - **Header value**: ```text wrap - default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev; + default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev; ``` 4. Deploy your rule. @@ -96,7 +95,7 @@ Add a response headers policy in CloudFront: "Config": { "SecurityHeadersConfig": { "ContentSecurityPolicy": { - "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;", + "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;", "Override": true } } @@ -117,7 +116,7 @@ Add to your `vercel.json`: "headers": [ { "key": "Content-Security-Policy", - "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;" + "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;" } ] } diff --git a/es/deploy/csp-configuration.mdx b/es/deploy/csp-configuration.mdx index c159cc16f..26e4711df 100644 --- a/es/deploy/csp-configuration.mdx +++ b/es/deploy/csp-configuration.mdx @@ -35,7 +35,6 @@ Las siguientes directivas de CSP se utilizan para controlar qué recursos se pue | `d1ctpt7j8wusba.cloudfront.net` | Archivos de versiones y lanzamientos de Mint | `connect-src` | Obligatorio | | `mintcdn.com` | Imágenes, favicons | `img-src`, `connect-src` | Obligatorio | | `*.mintcdn.com` | Imágenes, favicons | `img-src`, `connect-src` | Obligatorio | -| `api.mintlifytrieve.com` | API de búsqueda | `connect-src` | Obligatorio | | `cdn.jsdelivr.net` | Recursos de emojis para imágenes OG | `script-src`, `img-src` | Obligatorio | | `mintlify.s3.us-west-1.amazonaws.com` | Imágenes alojadas en S3 | `img-src` | Obligatorio | | `fonts.googleapis.com` | Google Fonts | `style-src`, `font-src` | Opcional | @@ -68,7 +67,7 @@ style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.c font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com -api.mintlifytrieve.com www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; +www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; frame-src 'self' *.mintlify.dev; ``` @@ -93,7 +92,7 @@ Crea una regla de transformación de encabezados de respuesta: - **Header name**: `Content-Security-Policy` - **Header value**: ```text wrap - default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev; + default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev; ``` 4. Publica la regla. @@ -111,7 +110,7 @@ Agrega una política de encabezados de respuesta en CloudFront: "Config": { "SecurityHeadersConfig": { "ContentSecurityPolicy": { - "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;", + "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;", "Override": true } } @@ -135,7 +134,7 @@ Agrega en tu `vercel.json`: "headers": [ { "key": "Content-Security-Policy", - "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;" + "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;" } ] } diff --git a/fr/deploy/csp-configuration.mdx b/fr/deploy/csp-configuration.mdx index f22c45ca4..e5da41dac 100644 --- a/fr/deploy/csp-configuration.mdx +++ b/fr/deploy/csp-configuration.mdx @@ -35,7 +35,6 @@ Les directives CSP suivantes servent à contrôler quelles ressources peuvent ê | `d1ctpt7j8wusba.cloudfront.net` | Fichiers de version et de publication Mint | `connect-src` | Obligatoire | | `mintcdn.com` | Images, favicons | `img-src`, `connect-src` | Obligatoire | | `*.mintcdn.com` | Images, favicons | `img-src`, `connect-src` | Obligatoire | -| `api.mintlifytrieve.com` | API de recherche | `connect-src` | Obligatoire | | `cdn.jsdelivr.net` | Ressources emoji pour images OG | `script-src`, `img-src` | Obligatoire | | `mintlify.s3.us-west-1.amazonaws.com` | Images hébergées sur S3 | `img-src` | Obligatoire | | `fonts.googleapis.com` | Google Fonts | `style-src`, `font-src` | Facultatif | @@ -68,7 +67,7 @@ style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.c font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com -api.mintlifytrieve.com www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; +www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; frame-src 'self' *.mintlify.dev; ``` @@ -93,7 +92,7 @@ Créez une règle de transformation des en-têtes de réponse : - **Header name**: `Content-Security-Policy` - **Header value**: ```text wrap - default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev; + default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev; ``` 4. Déployez la règle. @@ -111,7 +110,7 @@ Ajoutez une stratégie d’en-têtes de réponse dans CloudFront : "Config": { "SecurityHeadersConfig": { "ContentSecurityPolicy": { - "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;", + "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;", "Override": true } } @@ -135,7 +134,7 @@ Ajoutez ceci à votre `vercel.json` : "headers": [ { "key": "Content-Security-Policy", - "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;" + "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;" } ] } diff --git a/zh/deploy/csp-configuration.mdx b/zh/deploy/csp-configuration.mdx index 3aab92144..4525c5b9e 100644 --- a/zh/deploy/csp-configuration.mdx +++ b/zh/deploy/csp-configuration.mdx @@ -35,7 +35,6 @@ keywords: ["内容安全策略", "CSP 指令", "安全标头", "XSS 防护"] | `d1ctpt7j8wusba.cloudfront.net` | Mint 版本与发行文件 | `connect-src` | 必需 | | `mintcdn.com` | 图像、网站图标 | `img-src`, `connect-src` | 必需 | | `*.mintcdn.com` | 图像、网站图标 | `img-src`, `connect-src` | 必需 | -| `api.mintlifytrieve.com` | 搜索 API | `connect-src` | 必需 | | `cdn.jsdelivr.net` | OG 图片的表情资源 | `script-src`, `img-src` | 必需 | | `mintlify.s3.us-west-1.amazonaws.com` | 托管在 S3 上的图像 | `img-src` | 必需 | | `fonts.googleapis.com` | Google 字体 | `style-src`, `font-src` | 可选 | @@ -68,7 +67,7 @@ style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.c font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com -api.mintlifytrieve.com www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; +www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com; frame-src 'self' *.mintlify.dev; ``` @@ -93,7 +92,7 @@ frame-src 'self' *.mintlify.dev; - **Header name**:`Content-Security-Policy` - **Header value**: ```text wrap - default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev; + default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev; ``` 4. 部署该规则。 @@ -111,7 +110,7 @@ frame-src 'self' *.mintlify.dev; "Config": { "SecurityHeadersConfig": { "ContentSecurityPolicy": { - "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;", + "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;", "Override": true } } @@ -135,7 +134,7 @@ frame-src 'self' *.mintlify.dev; "headers": [ { "key": "Content-Security-Policy", - "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;" + "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com; frame-src 'self' *.mintlify.dev;" } ] } From e5c9420935f6fc484e165a100251d2edb2449e69 Mon Sep 17 00:00:00 2001 From: Ethan Palm <56270045+ethanpalm@users.noreply.github.com> Date: Tue, 17 Mar 2026 11:05:46 -0700 Subject: [PATCH 2/2] vale --- .../config/vocabularies/Mintlify/accept.txt | 1 - deploy/csp-configuration.mdx | 18 +++++++++--------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/.vale/styles/config/vocabularies/Mintlify/accept.txt b/.vale/styles/config/vocabularies/Mintlify/accept.txt index 7e6e4e613..89fa47d5f 100644 --- a/.vale/styles/config/vocabularies/Mintlify/accept.txt +++ b/.vale/styles/config/vocabularies/Mintlify/accept.txt @@ -355,7 +355,6 @@ viewport waypoints webhook WebP -websockets? xhr xhr2 XSS diff --git a/deploy/csp-configuration.mdx b/deploy/csp-configuration.mdx index 6d424a1ca..eda4ade7c 100644 --- a/deploy/csp-configuration.mdx +++ b/deploy/csp-configuration.mdx @@ -1,22 +1,22 @@ --- title: "Content Security Policy (CSP) configuration" sidebarTitle: "CSP configuration" -description: "Configure CSP headers to allow Mintlify resources while maintaining security for reverse proxies, firewalls, and networks that enforce strict security policies." -keywords: ["Content Security Policy", "CSP directives", "security headers", "XSS prevention"] +description: "Configure CSP headers to allow Mintlify resources while maintaining security for reverse proxies, firewall rules, and networks that enforce strict security policies." +keywords: ["Content Security Policy", "CSP", "directives", "security headers", "XSS prevention"] --- Content Security Policy (CSP) is a security standard that helps prevent cross-site scripting (XSS) attacks by controlling which resources a web page can load. Mintlify serves a default CSP that protects most sites. If you host your documentation behind a reverse proxy or firewall, that overwrites the default CSP, you may need to configure CSP headers for features to function properly. ## CSP directives -The following CSP directives are used to control which resources can be loaded: +The following CSP directives control which resources a page can load: -- `script-src`: Controls which scripts can be executed -- `style-src`: Controls which stylesheets can be loaded -- `font-src`: Controls which fonts can be loaded -- `img-src`: Controls which images, icons, and logos can be loaded -- `connect-src`: Controls which URLs can be connected to for API calls and WebSocket connections -- `frame-src`: Controls which URLs can be embedded in frames or iframes +- `script-src`: Controls which scripts can run +- `style-src`: Controls which stylesheets can load +- `font-src`: Controls which fonts can load +- `img-src`: Controls which images, icons, and logos can load +- `connect-src`: Controls which URLs can connect to for API calls and WebSocket connections +- `frame-src`: Controls which URLs can embed in frames or iframes - `default-src`: Fallback for other directives when not explicitly set ## Domain allowlist