{"host": "hcaptcha-proxy1001.wikimedia.org", "state": "core_diff", "description": "Differences to core resources", "diff": {"full": {"total": 2954, "only_in_self": [], "only_in_other": [], "resource_diffs": [{"resource": "Nginx::Site[assets-hcaptcha.wikimedia.org]"}, {"resource": "File[/etc/nginx/sites-available/report-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/report-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/report-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "Nginx::Site[sentry-hcaptcha.wikimedia.org]"}, {"resource": "File[/etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "File[/etc/nginx/sites-available/assets-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/assets-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/assets-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "Nginx::Site[imgs-hcaptcha.wikimedia.org]"}, {"resource": "Nginx::Site[hcaptcha.wikimedia.org]"}, {"resource": "File[/etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "Nginx::Site[report-hcaptcha.wikimedia.org]"}, {"resource": "File[/etc/nginx/sites-available/hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/hcaptcha-wikimedia-org\n@@ -22,7 +22,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000; includeSubDomains\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # Restrict methods\n     add_header Allow \"GET, HEAD, POST, OPTIONS\" always;"}], "perc_changed": "0.34%"}, "core": {"total": 2954, "only_in_self": [], "only_in_other": [], "resource_diffs": [{"resource": "File[/etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "File[/etc/nginx/sites-available/report-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/report-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/report-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "File[/etc/nginx/sites-available/hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/hcaptcha-wikimedia-org\n@@ -22,7 +22,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000; includeSubDomains\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # Restrict methods\n     add_header Allow \"GET, HEAD, POST, OPTIONS\" always;"}, {"resource": "File[/etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "File[/etc/nginx/sites-available/assets-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/assets-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/assets-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}], "perc_changed": "0.17%"}, "main": {"total": 2954, "only_in_self": [], "only_in_other": [], "resource_diffs": [{"resource": "File[/etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/sentry-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "Nginx::Site[report-hcaptcha.wikimedia.org]"}, {"resource": "Nginx::Site[assets-hcaptcha.wikimedia.org]"}, {"resource": "File[/etc/nginx/sites-available/report-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/report-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/report-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "File[/etc/nginx/sites-available/hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/hcaptcha-wikimedia-org\n@@ -22,7 +22,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000; includeSubDomains\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # Restrict methods\n     add_header Allow \"GET, HEAD, POST, OPTIONS\" always;"}, {"resource": "Nginx::Site[sentry-hcaptcha.wikimedia.org]"}, {"resource": "File[/etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/imgs-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "File[/etc/nginx/sites-available/assets-hcaptcha-wikimedia-org]", "content": "--- /etc/nginx/sites-available/assets-hcaptcha-wikimedia-org.orig\n+++ /etc/nginx/sites-available/assets-hcaptcha-wikimedia-org\n@@ -17,7 +17,7 @@\n     add_header Strict-Transport-Security \"max-age=63072000\" always;\n \n     # Allow each subdomain of known Wikimedia domains to embed iframes from the hcaptcha proxy.\n-    add_header Content-Security-Policy \"frame-ancestors 'self' https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n+    add_header Content-Security-Policy \"frame-ancestors 'self' https://wikisource.org https://*.wikipedia.org https://*.wikimedia.org https://*.wikibooks.org https://*.wikinews.org https://*.wikiquote.org https://*.wikisource.org https://*.wikiversity.org https://*.wikivoyage.org https://*.wikidata.org https://*.wikimediafoundation.org https://*.wikiworkshop.org https://*.wikifunctions.org https://*.wiktionary.org https://*.mediawiki.org https://*.wmfusercontent.org https://*.w.wiki; report-uri https://sentry-hcaptcha.wikimedia.org/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;\" always;\n \n     # CORS: '*' is correct because all loads here are anonymous (no\n     # credentials). proxy_hide_header in each proxy_pass location below"}, {"resource": "Nginx::Site[imgs-hcaptcha.wikimedia.org]"}, {"resource": "Nginx::Site[hcaptcha.wikimedia.org]"}], "perc_changed": "0.34%"}}}