[ECP-9530] Remove unsafe external resources

Adyen · Oct 30, 2024 · 7a0ecf2 · 7a0ecf2
1 parent fb2809e
commit 7a0ecf2
Showing 1 changed file with 0 additions and 22 deletions.
diff --git a/etc/csp_whitelist.xml b/etc/csp_whitelist.xml
@@ -8,19 +8,13 @@
                 <value id="amazonpay" type="host">*.payments-amazon.com</value>
                 <value id="paypal" type="host">*.paypal.com</value>
                 <value id="ratepay" type="host">*.ratepay.com</value>
-                <value id="cashapp" type="host">*.cash.app</value>
-                <!-- Unsafe external resource required for Cash App Pay -->
-                <value id="amplitude" type="host">*.amplitude.com</value>
-                <!-- Unsafe external resource -->
-                <value id="sentry" type="host">*.sentry.io</value>
             </values>
         </policy>
         <policy id="frame-src">
             <values>
                 <value id="adyen" type="host">*.adyen.com</value>
                 <value id="googlepay" type="host">pay.google.com</value>
                 <value id="paypal" type="host">*.paypal.com</value>
-                <value id="cashapp" type="host">*.cash.app</value>
             </values>
         </policy>
         <policy id="img-src">
@@ -30,7 +24,6 @@
                 <value id="amazonpay" type="host">*.payments-amazon.com</value>
                 <value id="amazonpay-media" type="host">*.media-amazon.com</value>
                 <value id="paypal-objects" type="host">*.paypalobjects.com</value>
-                <value id="cashapp" type="host">*.cash.app</value>
             </values>
         </policy>
         <policy id="connect-src">
@@ -40,10 +33,6 @@
                 <value id="google" type="host">google.com</value>
                 <value id="amazonpay" type="host">payments-eu.amazon.com</value>
                 <value id="paypal" type="host">*.paypal.com</value>
-                <!-- Unsafe external resource required for Cash App Pay -->
-                <value id="amplitude" type="host">*.amplitude.com</value>
-                <!-- Unsafe external resource required for Cash App Pay -->
-                <value id="sentry" type="host">*.sentry.io</value>
             </values>
         </policy>
         <policy id="form-action">
@@ -54,16 +43,5 @@
                 <value id="amazonpay-de" type="host">payments.amazon.de</value>
             </values>
         </policy>
-        <policy id="font-src">
-            <values>
-                <!-- Unsafe external resource required for Cash App Pay -->
-                <value id="squarecdn" type="host">*.squarecdn.com</value>
-            </values>
-        </policy>
-        <policy id="style-src">
-            <values>
-                <value id="cashapp" type="host">*.cash.app</value>
-            </values>
-        </policy>
     </policies>
 </csp_whitelist>