From 1246fcf8f6c75bea7355acc13181a69337625739 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Sun, 14 Aug 2022 18:56:20 +0200
Subject: [PATCH] nginx: I'm tired of people reporting the 'Report-Only' error
 message they see in the console. This is useless. Just get rid of it.

---
 conf/nginx/security.conf.inc | 1 -
 1 file changed, 1 deletion(-)

diff --git a/conf/nginx/security.conf.inc b/conf/nginx/security.conf.inc
index a35bb566e..fe853155b 100644
--- a/conf/nginx/security.conf.inc
+++ b/conf/nginx/security.conf.inc
@@ -29,7 +29,6 @@ ssl_dhparam /usr/share/yunohost/ffdhe2048.pem;
 more_set_headers "Content-Security-Policy : upgrade-insecure-requests; default-src https: data: blob: ; object-src https: data: 'unsafe-inline'; style-src https: data: 'unsafe-inline' ; script-src https: data: 'unsafe-inline' 'unsafe-eval'";
 {% else %}
 more_set_headers "Content-Security-Policy : upgrade-insecure-requests";
-more_set_headers "Content-Security-Policy-Report-Only : default-src https: wss: data: blob: ; object-src https: data: 'unsafe-inline'; style-src https: data: 'unsafe-inline' ; script-src https: data: 'unsafe-inline' 'unsafe-eval'";
 {% endif %}
 more_set_headers "X-Content-Type-Options : nosniff";
 more_set_headers "X-XSS-Protection : 1; mode=block";