Apache Podling Website Checks

Checking Podling Websites for required and disallowed content

NOTE: most podlings may not pass these checks yet during incubation - but they are expected to pass them before graduation.

This script periodically crawls all Apache project and podling websites to check them for a few specific links or text blocks that all projects are expected to have. The checks include verifying that all required links appear on a project homepage, along with an "image" check if project logo files are in apache.org/img

The script also checks for 3rd party resource references that might be in conflict with our privacy policy.

The Content-Security-Policy (Csp) check is a work in progress: it only checks that the default settings have not been over-ridden. It does not check if the host exceptions have been approved.

View the crawler code, website display code, validation checks details, and raw JSON data.
Last crawl time: Tue, 24 Mar 2026 20:10:17 GMT over 28 websites.

Related Whimsy Links

Site Check For Podling - Casbin

Results for Podling Casbin . Reminder: Incubation is the process of becoming an Apache project - podlings are not required to meet these checks until graduation. See this project's incubation status.
Check Results column is the actual text or URL found on the homepage for this check (when applicable).
Check Type Check Results Check Description
Uri https://casbin.apache.org
Disclaimer Text of a link expected to match regular expression: Incubation is required of all newly accepted projects
All Apache Incubator Podling sites must contain the incubating disclaimer.
Foundation https://casbin.apache.org/img/asf_logo_wide_small.png
Events URL expected to match regular expression: ^https?://((www\.)?apache\.org/events/current-event|events\.apache\.org|www\.apachecon\.com/event-images/snippet\.js)
Projects SHOULD include a link to any current CommunityOverCode event, or to the events.apache.org site, as provided by VP, Conferences.
License URL expected to match regular expression: ^https?://.*apache.org/licenses/?$
There should be a "License" (*not* "Licenses") navigation link which points to: http[s]://www.apache.org/licenses[/]. (Do not link to sub-pages)
Thanks URL expected to match regular expression: ^https?://.*apache.org/foundation/(thanks|sponsors)
"Sponsors", "Thanks" or "Thanks to our Sponsors" should link to: http://www.apache.org/foundation/thanks.html or sponsors.html
Security URL expected to match regular expression: ^(https?://.*apache.org|[^:]*)/.*[Ss]ecurity
"Security" should link to either to a project-specific page [...], or to the main http://www.apache.org/security/ page.
Sponsorship URL expected to match regular expression: ^https?://.*apache.org/foundation/sponsorship
"Sponsorship", "Sponsor Apache", or "Donate" should link to: http://www.apache.org/foundation/sponsorship.html
Trademarks Apache Casbin, Casbin, and the project logo are trademarks of The Apache Software Foundation.
Copyright Copyright © 2026 The Apache Software Foundation.
Privacy URL expected to match regular expression: \Ahttps://privacy\.apache\.org/policies/privacy-policy-public\.html\z | \Ahttps?://(?:www\.)?apache\.org/foundation/policies/privacy\.html\z
All websites must link to the Privacy Policy.
Resources Found 65 external resources: {"ERROR Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-8S2TKCJ27X' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>32, "ERROR Refused to load the image 'https://cdn.casbin.org/language/go-logo-1.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/jee-3.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/c.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/nodejs-1.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/logo-javascript.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/PHP-logo.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/laravel-2.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/python-5.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/dotnet-logo.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/delphi-2.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/rust.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/ruby.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/swift-15.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/lua-5.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/dart.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/elixir-lang-icon.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://cdn.casbin.org/language/kubernets.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/casbin?label=Casbin&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/jcasbin?label=jCasbin&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/node-casbin?label=Node-Casbin&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/php-casbin/php-casbin?label=PHP-Casbin&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/pycasbin?label=PyCasbin&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/Casbin.NET?label=Casbin.NET&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/casbin-cpp?label=Casbin-CPP&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/github/stars/casbin/casbin-rs?label=Casbin-RS&style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://img.shields.io/twitter/follow/casbinHQ?style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://hm.baidu.com/hm.js?2c0ffc6f8d49e98d964d59d7aa4cbf34' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load media from 'https://cdn.casbin.org/video/background.mp4' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'media-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to frame 'https://editor.casbin.org/' because it violates the following Content Security Policy directive: \"frame-src 'self' data: blob: https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\"."=>1, "ERROR Refused to load the script 'https://probe.gdevelop.cn/probe.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://www.clarity.ms/tag/3j9jin33qx' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://static.hotjar.com/c/hotjar-1689878.js?sv=6' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} Text of a link expected to match regular expression: Found \d+ external resources
Websites must not link to externally hosted resources
Image URL expected to match regular expression: .
Projects SHOULD add a copy of their logo to https://www.apache.org/logos/ to be included in ASF homepage.
Csp_check OK

Copyright © 2026, the Apache Software Foundation. Licensed under the Apache License, Version 2.0 | Privacy Policy
Apache®, the names of Apache projects, and the logo are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries.