Remove report-uri

Remove usage of report-uri.io.
martincostello · Oct 29, 2024 · b169e83 · b169e83
1 parent 98d839d
commit b169e83
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/cloudfront-headers.js b/cloudfront-headers.js
@@ -8,8 +8,8 @@ exports.handler = (event, context, callback) => {
     const headers = response.headers;
 
     const values = [
-        { key: "Content-Security-Policy", value: "default-src 'self'; child-src 'self' platform.twitter.com syndication.twitter.com; connect-src 'self' region1.google-analytics.com syndication.twitter.com www.google-analytics.com www.googletagmanager.com; frame-src github.com platform.twitter.com syndication.twitter.com twitter.com; font-src 'self' fonts.gstatic.com stackpath.bootstrapcdn.com use.fontawesome.com; img-src 'self' abs.twimg.com cdn.martincostello.com csi.gstatic.com o.twimg.com pbs.twimg.com platform.twitter.com ssl.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net syndication.twitter.com ton.twimg.com data:; script-src 'self' ajax.googleapis.com apis.google.com cdn.syndication.twimg.com cdnjs.cloudflare.com connect.facebook.net stackpath.bootstrapcdn.com platform.twitter.com ssl.google-analytics.com www.googletagmanager.com; style-src 'self' fonts.googleapis.com stackpath.bootstrapcdn.com platform.twitter.com ton.twimg.com use.fontawesome.com 'unsafe-inline'; report-uri https://martincostello.report-uri.io/r/default/csp/reportOnly;" },
-        { key: "Expect-CT", value: "max-age=1800; report-uri https://martincostello.report-uri.io/r/default/ct/reportOnly" },
+        { key: "Content-Security-Policy", value: "default-src 'self'; child-src 'self' platform.twitter.com syndication.twitter.com; connect-src 'self' region1.google-analytics.com syndication.twitter.com www.google-analytics.com www.googletagmanager.com; frame-src github.com platform.twitter.com syndication.twitter.com twitter.com; font-src 'self' fonts.gstatic.com stackpath.bootstrapcdn.com use.fontawesome.com; img-src 'self' abs.twimg.com cdn.martincostello.com csi.gstatic.com o.twimg.com pbs.twimg.com platform.twitter.com ssl.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net syndication.twitter.com ton.twimg.com data:; script-src 'self' ajax.googleapis.com apis.google.com cdn.syndication.twimg.com cdnjs.cloudflare.com connect.facebook.net stackpath.bootstrapcdn.com platform.twitter.com ssl.google-analytics.com www.googletagmanager.com; style-src 'self' fonts.googleapis.com stackpath.bootstrapcdn.com platform.twitter.com ton.twimg.com use.fontawesome.com 'unsafe-inline'" },
+        { key: "Expect-CT", value: "max-age=1800" },
         { key: "Feature-Policy", value: "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'" },
         { key: "Referrer-Policy", value: "no-referrer-when-downgrade" },
         { key: "Strict-Transport-Security", value: "max-age=31536000" },