Suppress deprecation warning: disable csp in report-only mode

diaspora · Oct 29, 2016 · e18627f · e18627f
1 parent be3b502
commit e18627f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/Changelog.md b/Changelog.md
@@ -38,6 +38,7 @@ Note: Although this is a minor release, the configuration file changed because t
 * Display error message when aspect membership changes fail [#7132](https://github.com/diaspora/diaspora/pull/7132)
 * Avoid the creation of pod that are none [#7145](https://github.com/diaspora/diaspora/pull/7145)
 * Fixed tag pages with alternate default aspect settings [#7262](https://github.com/diaspora/diaspora/pull/7162)
+* Suppressed CSP related deprecation warnings [#7263](https://github.com/diaspora/diaspora/pull/7163)
 
 ## Features
 * Deleted comments will be removed when loading more comments [#7045](https://github.com/diaspora/diaspora/pull/7045)

diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb
@@ -43,6 +43,7 @@
   csp[:report_uri] = [AppConfig.settings.csp.report_uri] if AppConfig.settings.csp.report_uri.present?
 
   if AppConfig.settings.csp.report_only?
+    config.csp = SecureHeaders::OPT_OUT
     config.csp_report_only = csp
   else
     config.csp = csp