]> git.openstreetmap.org Git - chef.git/commitdiff
Revert "imagery: Add report only CSP and NEL reporting"
authorGrant Slater <git@firefishy.com>
Mon, 7 Jun 2021 12:29:03 +0000 (13:29 +0100)
committerGrant Slater <git@firefishy.com>
Mon, 7 Jun 2021 12:29:03 +0000 (13:29 +0100)
This reverts commit 7d41b07d2090855c7fd3117b62a1e6ecbf20b246.

cookbooks/imagery/templates/default/nginx_imagery.conf.erb

index 1c828d9b1be3f52272875ba7f250530361c6f453..b038071b7861dbd4f8a840c18ec62f7ea8567025 100644 (file)
@@ -31,12 +31,6 @@ server {
     add_header Strict-Transport-Security "<%= node[:ssl][:strict_transport_security] %>" always;
 <% end -%>
 
     add_header Strict-Transport-Security "<%= node[:ssl][:strict_transport_security] %>" always;
 <% end -%>
 
-    # CSP report only policy
-    add_header Content-Security-Policy-Report-Only "default-src 'none'; form-action 'none'; frame-ancestors 'none'; report-uri https://openstreetmap.report-uri.com/r/d/csp/wizard";
-    # Add NEL reporting
-    add_header Report-To "{\"group\":\"default\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://openstreetmap.report-uri.com/a/d/g\"}],\"include_subdomains\":true}";
-    add_header NEL "{\"report_to\":\"default\",\"max_age\":604800,\"include_subdomains\":true}";
-
     # Requests sent within early data are subject to replay attacks.
     # See: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data
     ssl_early_data on;
     # Requests sent within early data are subject to replay attacks.
     # See: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data
     ssl_early_data on;