Apache Project Website Checks

Checking Project Websites for required and disallowed content

This script periodically crawls all Apache project and podling websites to check them for a few specific links or text blocks that all projects are expected to have. The checks include verifying that all required links appear on a project homepage, along with an "image" check if project logo files are in apache.org/img

The script also checks for 3rd party resource references that might be in conflict with our privacy policy.

The Content-Security-Policy (Csp) check is a work in progress: it only checks that the default settings have not been over-ridden. It does not check if the host exceptions have been approved.

View the crawler code, website display code, validation checks details, and raw JSON data.
Last crawl time: Fri, 31 Oct 2025 20:12:07 GMT over 219 websites.

Related Whimsy Links

Site Check For Project - Flagon

Results for Project Flagon .
Check Results column is the actual text or URL found on the homepage for this check (when applicable).
Check Type Check Results Check Description
Uri https://flagon.apache.org
Foundation Apache Software Foundation
Events https://www.apache.org/events/current-event.html
License http://www.apache.org/licenses/
Thanks http://www.apache.org/foundation/thanks.html
Security http://www.apache.org/security/
Sponsorship http://www.apache.org/foundation/sponsorship.html
Trademarks Apache Flagon, Flagon, Apache, the Apache feather logo, the Apache Flagon logo and the Apache Incubator logo are trademarks of The Apache Software Foundation.
Copyright Copyright © 2025 The Apache Software Foundation
Privacy https://privacy.apache.org/policies/privacy-policy-public.html
Resources Found 13 external resources: {"ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, ""=>4, "WARN Mixed Content: The page at 'https://flagon.apache.org/' was loaded over HTTPS, but requested an insecure element 'http://c.tile.osm.org/13/2478/3029.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html"=>1, "ERROR Refused to load the image 'https://c.tile.osm.org/13/2478/3029.png' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "WARN Mixed Content: The page at 'https://flagon.apache.org/' was loaded over HTTPS, but requested an insecure element 'http://a.tile.osm.org/13/2479/3029.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html"=>1, "ERROR Refused to load the image 'https://a.tile.osm.org/13/2479/3029.png' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "WARN Mixed Content: The page at 'https://flagon.apache.org/' was loaded over HTTPS, but requested an insecure element 'http://a.tile.osm.org/13/2478/3030.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html"=>1, "ERROR Refused to load the image 'https://a.tile.osm.org/13/2478/3030.png' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "WARN Mixed Content: The page at 'https://flagon.apache.org/' was loaded over HTTPS, but requested an insecure element 'http://b.tile.osm.org/13/2479/3030.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html"=>1, "ERROR Refused to load the image 'https://b.tile.osm.org/13/2479/3030.png' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1} Text of a link expected to match regular expression: Found \d+ external resources
Websites must not link to externally hosted resources
Image flagon.svg
Csp_check OK

Copyright © 2025, the Apache Software Foundation. Licensed under the Apache License, Version 2.0 | Privacy Policy
Apache®, the names of Apache projects, and the multicolor feather logo are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries.