diff --git a/Gemfile b/Gemfile index 96d15fe08..a1c774548 100644 --- a/Gemfile +++ b/Gemfile @@ -34,7 +34,6 @@ group :development, :test do gem 'launchy' gem 'mocha' gem 'pry-byebug' - gem 'rack-cors' gem 'rails-controller-testing' gem 'rails-erd' gem 'rspec-rails' diff --git a/config/application.rb b/config/application.rb index 031b7cad5..9d8a52cd8 100644 --- a/config/application.rb +++ b/config/application.rb @@ -67,14 +67,7 @@ class Application < Rails::Application # Configure the default encoding used in templates for Ruby 1.9. config.encoding = "utf-8" - config.middleware.insert_before 0, Rack::Cors do - allow do - origins 'http://localhost:4200' - resource '/text-security-disc.woff2', headers: :any, methods: [:get, :post] - resource '/text-security-disc-compat.eot', headers: :any, methods: [:get, :post] - resource '/text-security-disc-compat.ttf', headers: :any, methods: [:get, :post] - end - end + # https://stackoverflow.com/questions/72970170/upgrading-to-rails-6-1-6-1-causes-psychdisallowedclass-tried-to-load-unspecif # https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017 diff --git a/config/initializers/mime_types.rb b/config/initializers/mime_types.rb index 7c8cbe80a..dce732376 100644 --- a/config/initializers/mime_types.rb +++ b/config/initializers/mime_types.rb @@ -3,6 +3,3 @@ # Add new mime types for use in respond_to blocks: # Mime::Type.register "text/richtext", :rtf -Mime::Type.register "font/woff2", :woff2 -Mime::Type.register "application/vnd.ms-fontobject", :eot -Mime::Type.register "application/x-font-ttf", :ttf diff --git a/frontend/config/environment.js b/frontend/config/environment.js index aa30bafd1..36a04e22e 100644 --- a/frontend/config/environment.js +++ b/frontend/config/environment.js @@ -4,9 +4,6 @@ module.exports = function (environment) { let ENV = { modulePrefix: "frontend", environment, - contentSecurityPolicy: { - 'font-src': "'self' http://localhost:4200" - }, rootURL: "/", locationType: "history", sentryDsn: "",