This script periodically crawls all Apache project and podling websites to check them for a few specific links or text blocks that all projects are expected to have. The checks include verifying that all required links appear on a project homepage, along with an "image" check if project logo files are in apache.org/img
The script also checks for 3rd party resource references that might be in conflict with our privacy policy.
The Content-Security-Policy (Csp) check is a work in progress: it only checks that the default settings have not been over-ridden. It does not check if the host exceptions have been approved.
View the crawler code, website display code, validation checks details, and raw JSON data.
Last crawl time: Fri, 31 Oct 2025 20:12:07 GMT over 219 websites.
| Check Type | Check Results | Check Description |
|---|---|---|
| Uri | https://drill.apache.org/ | |
| Foundation |
Text of a link expected to match regular expression:
apache|asf|foundation
All projects must feature some prominent link back to the main ASF homepage at http://www.apache.org/ |
|
| Events |
URL expected to match regular expression:
^https?://((www\.)?apache\.org/events/current-event|events\.apache\.org|www\.apachecon\.com/event-images/snippet\.js)
Projects SHOULD include a link to any current CommunityOverCode event, or to the events.apache.org site, as provided by VP, Conferences. |
|
| License |
URL expected to match regular expression:
^https?://.*apache.org/licenses/?$
There should be a "License" (*not* "Licenses") navigation link which points to: http[s]://www.apache.org/licenses[/]. (Do not link to sub-pages) |
|
| Thanks |
URL expected to match regular expression:
^https?://.*apache.org/foundation/(thanks|sponsors)
"Sponsors", "Thanks" or "Thanks to our Sponsors" should link to: http://www.apache.org/foundation/thanks.html or sponsors.html |
|
| Security |
URL expected to match regular expression:
^(https?://.*apache.org|[^:]*)/.*[Ss]ecurity
"Security" should link to either to a project-specific page [...], or to the main http://www.apache.org/security/ page. |
|
| Sponsorship |
URL expected to match regular expression:
^https?://.*apache.org/foundation/sponsorship
"Sponsorship", "Sponsor Apache", or "Donate" should link to: http://www.apache.org/foundation/sponsorship.html |
|
| Trademarks | Apache and the Apache feather logo are trademarks of The Apache Software Foundation. Other names appearing on the site may be trademarks of their respective owners. | |
| Copyright | Copyright © 2012-2025 The Apache Software Foundation | |
| Privacy |
URL expected to match regular expression:
\Ahttps://privacy\.apache\.org/policies/privacy-policy-public\.html\z
|
\Ahttps?://(?:www\.)?apache\.org/foundation/policies/privacy\.html\z
All websites must link to the Privacy Policy. |
|
| Resources | Found 25 external resources: {"ERROR Refused to load the stylesheet 'https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, ""=>12, "ERROR Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the font 'https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0-ExcOPIDUg-g.woff2' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the font 'https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0aExcOPIDUg-g.woff2' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the font 'https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0yExcOPIDUg-g.woff2' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the font 'https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the stylesheet 'https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the stylesheet 'https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.4/slick.min.css' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the stylesheet 'https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.4/slick-theme.min.css' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.4/slick.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://s7.addthis.com/js/300/addthis_widget.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} |
Text of a link expected to match regular expression:
Found \d+ external resources
Websites must not link to externally hosted resources |
| Image | drill.eps | |
| Csp_check | OK |