From: Lucas Werkmeister <mail@lucaswerkmeister.de>
Date: Thu, 26 May 2016 18:55:17 +0000 (+0200)
Subject: Remove CSP report-url directive
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=4b2908388779efa4fc1752785319328526f52662

Remove CSP report-url directive
---

diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index 0ee1d1ce..6a572e08 100644
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -430,7 +430,7 @@ public final class Gigi extends HttpServlet {
         csp.append(";script-src https://" + ServerConstants.getStaticHostNamePortSecure());
         csp.append(";style-src https://" + ServerConstants.getStaticHostNamePortSecure());
         csp.append(";form-action https://" + ServerConstants.getSecureHostNamePort() + " https://" + ServerConstants.getWwwHostNamePortSecure());
-        csp.append(";report-url https://api.cacert.org/security/csp/report");
+        //csp.append(";report-url https://api.cacert.org/security/csp/report");
         return csp.toString();
     }
 
@@ -443,7 +443,7 @@ public final class Gigi extends HttpServlet {
         csp.append(";script-src http://" + ServerConstants.getStaticHostNamePort());
         csp.append(";style-src http://" + ServerConstants.getStaticHostNamePort());
         csp.append(";form-action https://" + ServerConstants.getSecureHostNamePort() + " https://" + ServerConstants.getWwwHostNamePort());
-        csp.append(";report-url http://api.cacert.org/security/csp/report");
+        //csp.append(";report-url http://api.cacert.org/security/csp/report");
         return csp.toString();
     }