From: Martin Raifer <martin@raifer.tech>
Date: Sun, 26 May 2024 13:24:57 +0000 (+0200)
Subject: update script-src CSP rules for iD
X-Git-Tag: live~822^2
X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/416fca5703c08dd5af1ef6a42fd2172dc402b6db

update script-src CSP rules for iD
---

diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 172be5653..ad19df50e 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -19,7 +19,6 @@ class SiteController < ApplicationController
   content_security_policy(:only => :id) do |policy|
     policy.connect_src("*")
     policy.img_src("*", :blob)
-    policy.script_src(*policy.script_src, "dev.virtualearth.net", :unsafe_eval)
     policy.style_src(*policy.style_src, :unsafe_inline)
   end