From 4361d5cd509f4e9a0f3babbf8322eaf904e8d201 Mon Sep 17 00:00:00 2001
From: Jan Brasna <1784648+janbrasna@users.noreply.github.com>
Date: Tue, 16 Apr 2024 22:45:14 +0200
Subject: [PATCH] Fix fonts CSP for staging (#14466)
* Fix font-src for stage hosts
* Simplify font CSP to defaults
---------
Co-authored-by: Jan Brasna
---
 bedrock/settings/__init__.py | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/bedrock/settings/__init__.py b/bedrock/settings/__init__.py
index f019ba871ee..0d6ddc21683 100644
--- a/bedrock/settings/__init__.py
+++ b/bedrock/settings/__init__.py
@@ -154,10 +154,7 @@
 _csp_connect_extra_for_dev = [
 "com-getpocket-prod1.mini.snplow.net",
 ]
- _csp_font_src = [
- "'self'",
- "assets.getpocket.com",
- ]
+ _csp_font_src = []
 else:
 # Mozorg mode
@@ -217,9 +214,7 @@
 "cjms.services.mozilla.com",
 ]
 _csp_connect_extra_for_dev = []
- _csp_font_src = [
- "'self'",
- ]
+ _csp_font_src = []
 sys.stdout.write(f"Using SITE_MODE of '{site_mode}'\n")
@@ -248,6 +243,7 @@
 CSP_SCRIPT_SRC = CSP_DEFAULT_SRC + _csp_script_src
 CSP_STYLE_SRC = CSP_DEFAULT_SRC + _csp_style_src
+CSP_FONT_SRC = CSP_DEFAULT_SRC + _csp_font_src
 CSP_CHILD_SRC = CSP_DEFAULT_SRC + _csp_child_src
 CSP_CONNECT_SRC = CSP_DEFAULT_SRC + _csp_connect_src
@@ -264,7 +260,6 @@
 # support older browsers (mainly Safari)
 CSP_FRAME_SRC = CSP_CHILD_SRC
-CSP_FONT_SRC = _csp_font_src
 # 4. SETTINGS WHICH APPLY REGARDLESS OF SITE MODE
 if DEV:
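Review bot: In the Pocket branch of the first hunk, dropping `"assets.getpocket.com"` from `_csp_font_src` is only safe if that host is already in `CSP_DEFAULT_SRC`, which is defined outside this hunk. If it is not, fonts served from that host will be blocked once `CSP_FONT_SRC` is built from the defaults alone. In that case keep the host as the Pocket-only extra: `_csp_font_src = ["assets.getpocket.com"]`. The enclosing `if`/`else` on site mode starts and ends outside the hunk.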
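Review bot: The added `CSP_FONT_SRC = CSP_DEFAULT_SRC + _csp_font_src` in the third hunk widens font-src from the former `'self'` (plus one Pocket host) to every source in `CSP_DEFAULT_SRC`. That list is not visible in the diff, so it should be checked for wildcard or broad entries that fonts do not need. With both `_csp_font_src` lists now empty, the directive equals the default-src fallback that a browser applies when font-src is omitted, so the line is effectively only an extension point. A comment above it should say so, for example `# font-src mirrors default-src; add font-only hosts via _csp_font_src rather than widening CSP_DEFAULT_SRC`.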