chore: Disable CSP (fossasia#4258)

Dishebh · Mar 29, 2020 · 6a3be8f · 6a3be8f
1 parent 96939f7
commit 6a3be8f
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 63 deletions.
diff --git a/config/environment.js b/config/environment.js
@@ -120,61 +120,6 @@ module.exports = function(environment) {
 
   ENV.sentry.hostname = getSentryServer(ENV.sentry.dsn, false);
   ENV.sentry.server = getSentryServer(ENV.sentry.dsn, true);
-  if (process.env.CSPPermissive) {
-    ENV.contentSecurityPolicy = { 'default-src': ['*', '', 'data:', 'blob:', '\'unsafe-inline\'', '\'unsafe-eval\''], 'script-src': ['*', '\'unsafe-inline\'', '\'unsafe-eval\''], 'connect-src': ['*', '\'unsafe-inline\''], 'img-src': ['*', 'data:', 'blob:', '\'unsafe-inline\''], 'frame-src': ['*'], 'style-src': ['*', 'data:', 'blob:', '\'unsafe-inline\''], 'font-src': ['*', 'data:', 'blob:', '\'unsafe-inline\''] };
-  } else {
-    ENV.contentSecurityPolicy = {
-      'default-src' : '\'none\'',
-      'connect-src' : [
-        '\'self\'',
-        'ws://eventyay.local:65520',
-        'ws://localhost:49153',
-        'https://maps.gstatic.com',
-        'https://*.eventyay.com',
-        'https://eventyay.com',
-        'https://open-event-api-dev.herokuapp.com',
-        'www.google-analytics.com',
-        'http://127.0.0.1:5000',
-        ENV.sentry.hostname
-      ],
-      'script-src': [
-        '\'self\'',
-        '\'unsafe-inline\'',
-        'https://*.googleapis.com',
-        'https://maps.gstatic.com',
-        'https://eventyay.com',
-        'https://*.eventyay.com',
-        'http://eventyay.local:65520',
-        'http://localhost:49153',
-        'www.google-analytics.com',
-        'https://platform.twitter.com',
-        'https://cdn.syndication.twimg.com',
-        'http://127.0.0.1:5000',
-        'cdn.omise.co/omise.js'
-      ],
-      'font-src': [
-        '\'self\'',
-        'data:',
-        'https://fonts.gstatic.com'
-      ],
-      'img-src': [
-        '*',
-        'data:',
-        'app.getsentry.com',
-        ENV.sentry.hostname
-      ],
-      'style-src': [
-        '\'self\'',
-        '\'unsafe-inline\'',
-        'https://fonts.googleapis.com',
-        'https://maps.gstatic.com',
-        'platform.twitter.com',
-        'https://ton.twimg.com'
-      ],
-      'frame-src' : '*',
-      'media-src' : '\'none\''
-    };
-  }
 
   if (environment === 'development') {
     // ENV.APP.LOG_RESOLVER = true;

diff --git a/package.json b/package.json
@@ -51,7 +51,6 @@
     "ember-cli-cjs-transform": "^2.0.0",
     "ember-cli-clipboard": "^0.14.0",
     "ember-cli-code-coverage": "^1.0.0-beta.9",
-    "ember-cli-content-security-policy": "^1.1.1",
     "ember-cli-dependency-checker": "^3.2.0",
     "ember-cli-deploy": "^1.0.0",
     "ember-cli-deploy-build": "^2.0.0",

diff --git a/yarn.lock b/yarn.lock
@@ -6061,13 +6061,6 @@ ember-cli-code-coverage@^1.0.0-beta.9:
     rsvp "^4.8.5"
     walk-sync "^2.0.2"
 
-ember-cli-content-security-policy@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/ember-cli-content-security-policy/-/ember-cli-content-security-policy-1.1.1.tgz#7d91a695319d8f99c317f3a594fba77bbfedf6c7"
-  dependencies:
-    body-parser "^1.17.0"
-    chalk "^2.0.0"
-
 ember-cli-dependency-checker@^3.2.0:
   version "3.2.0"
   resolved "https://registry.yarnpkg.com/ember-cli-dependency-checker/-/ember-cli-dependency-checker-3.2.0.tgz#9202ad9e14d6fda33cffc22a11c343c2a8885330"