From 4b2908388779efa4fc1752785319328526f52662 Mon Sep 17 00:00:00 2001
From: Lucas Werkmeister <mail@lucaswerkmeister.de>
Date: Thu, 26 May 2016 20:55:17 +0200
Subject: [PATCH] Remove CSP report-url directive

---
 src/org/cacert/gigi/Gigi.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index 0ee1d1ce..6a572e08 100644
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -430,7 +430,7 @@ public final class Gigi extends HttpServlet {
         csp.append(";script-src https://" + ServerConstants.getStaticHostNamePortSecure());
         csp.append(";style-src https://" + ServerConstants.getStaticHostNamePortSecure());
         csp.append(";form-action https://" + ServerConstants.getSecureHostNamePort() + " https://" + ServerConstants.getWwwHostNamePortSecure());
-        csp.append(";report-url https://api.cacert.org/security/csp/report");
+        //csp.append(";report-url https://api.cacert.org/security/csp/report");
         return csp.toString();
     }
 
@@ -443,7 +443,7 @@ public final class Gigi extends HttpServlet {
         csp.append(";script-src http://" + ServerConstants.getStaticHostNamePort());
         csp.append(";style-src http://" + ServerConstants.getStaticHostNamePort());
         csp.append(";form-action https://" + ServerConstants.getSecureHostNamePort() + " https://" + ServerConstants.getWwwHostNamePort());
-        csp.append(";report-url http://api.cacert.org/security/csp/report");
+        //csp.append(";report-url http://api.cacert.org/security/csp/report");
         return csp.toString();
     }
 
-- 
2.39.2