From 390a0c0bf0b4085fe4726c6bd569bd9d14349be6 Mon Sep 17 00:00:00 2001
From: Julien Palard
Date: Mon, 27 Nov 2023 21:40:10 +0100
Subject: [PATCH] CSP handlers are floody in case users do have some plugins, that make the logs unreadable.
---
 afpy.org.yml | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/afpy.org.yml b/afpy.org.yml
index 3893288..1f7c5b7 100644
--- a/afpy.org.yml
+++ b/afpy.org.yml
@@ -218,9 +218,7 @@
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHVrME7+AYhM4n6opE5gVJbWsZHLETucV2wV+kDvnLk3
 {{ authorized_keys['mdk'] | join(LF) }}
 nginx_extra: |
- add_header Reporting-Endpoints xmpp="https://http-to-xmpp.afpy.org";
- add_header Report-To '{"group": "xmpp", "max_age": 86400, "endpoints": [{"url": "https://http-to-xmpp.afpy.org"}]}';
- add_header Content-Security-Policy "default-src 'none'; font-src https://cdnjs.cloudflare.com; img-src 'self' https://www.gravatar.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; script-src 'self' https://cdnjs.cloudflare.com; frame-ancestors 'self'; report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
+ add_header Content-Security-Policy "default-src 'none'; font-src https://cdnjs.cloudflare.com; img-src 'self' https://www.gravatar.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; script-src 'self' https://cdnjs.cloudflare.com; frame-ancestors 'self';";
 add_header X-Content-Type-Options "nosniff";
 - name: Setup nantes.afpy.org
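Review bot: With `report-uri`/`report-to` gone from the new Content-Security-Policy line (and `Reporting-Endpoints`/`Report-To` removed above it), afpy.org loses all CSP violation telemetry, so a genuinely blocked injected script or a deploy that trips the policy will now go unnoticed; the photos.afpy.org hunk below has the same issue. The noise described in the subject is most likely reports whose `source-file` is a browser-extension origin, which could be dropped or rate-limited on the http-to-xmpp collector side while the directives stay in place. If reporting really has to go, the new line works but keeps a redundant `;` before the closing quote, `frame-ancestors 'self'";`. Since `default-src` does not govern `base-uri` or `form-action`, this is also a convenient moment to add `base-uri 'self'; form-action 'self';` to both policies.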
@@ -271,9 +269,7 @@ {
 listen [::]:443 ssl http2;
 listen 443 ssl http2;
 server_name photos.afpy.org;
- add_header Reporting-Endpoints xmpp="https://http-to-xmpp.afpy.org";
- add_header Report-To '{"group": "xmpp", "max_age": 86400, "endpoints": [{"url": "https://http-to-xmpp.afpy.org"}]}';
- add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'; report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
+ add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self';";
 add_header X-Content-Type-Options "nosniff";
 include snippets/letsencrypt-photos.afpy.org.conf;
 root /var/www/photos.afpy.org/;