Move ContentSecurityPolicyFilter registration in embedded case

LabKey · Jan 27, 2024 · e9d88fe · e9d88fe
1 parent d62d166
commit e9d88fe
Showing 1 changed file with 0 additions and 23 deletions.
diff --git a/server/embedded/src/org/labkey/embedded/LabKeyServer.java b/server/embedded/src/org/labkey/embedded/LabKeyServer.java
@@ -5,8 +5,6 @@
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.valves.JsonAccessLogValve;
 import org.apache.tomcat.util.descriptor.web.ContextResource;
-import org.apache.tomcat.util.descriptor.web.FilterDef;
-import org.apache.tomcat.util.descriptor.web.FilterMap;
 import org.labkey.bootstrap.ConfigException;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -45,8 +43,6 @@ public class LabKeyServer
     private static final String MAX_WAIT_MILLIS_DEFAULT = "120000";
     private static final String ACCESS_TO_CONNECTION_ALLOWED_DEFAULT = "true";
     private static final String VALIDATION_QUERY_DEFAULT = "SELECT 1";
-    private static final String REPORT_CSP_FILTER_NAME = "ReportContentSecurityPolicyFilter";
-    private static final String ENFORCE_CSP_FILTER_NAME = "EnforceContentSecurityPolicyFilter";
 
     public static void main(String[] args)
     {
@@ -130,12 +126,10 @@ protected TomcatWebServer getTomcatWebServer(Tomcat tomcat)
                     if (cspFilterProperties.getEnforce() != null)
                     {
                         context.addParameter("csp.enforce", cspFilterProperties.getEnforce());
-                        addCSPFilter("enforce", cspFilterProperties.getEnforce(), ENFORCE_CSP_FILTER_NAME ,context);
                     }
                     if (cspFilterProperties.getReport() != null)
                     {
                         context.addParameter("csp.report", cspFilterProperties.getReport());
-                        addCSPFilter("report", cspFilterProperties.getReport(), REPORT_CSP_FILTER_NAME, context);
                     }
 
                     // Issue 48426: Allow config for desired work directory
@@ -195,23 +189,6 @@ protected TomcatWebServer getTomcatWebServer(Tomcat tomcat)
                 return super.getTomcatWebServer(tomcat);
             }
 
-
-            private void addCSPFilter(String disposition, String policy, String filterName, StandardContext context)
-            {
-                FilterDef filterDef = new FilterDef();
-                filterDef.setFilterName(filterName);
-//                filterDef.setFilter(new ContentSecurityPolicyFilter());
-                filterDef.addInitParameter("policy", policy);
-                filterDef.addInitParameter("disposition", disposition);
-
-                FilterMap filterMap = new FilterMap();
-                filterMap.setFilterName(filterName);
-                filterMap.addURLPattern("/*");
-
-                context.addFilterDef(filterDef);
-                context.addFilterMap(filterMap);
-            }
-
             // Issue 48565: allow for JSON-formatted access logs in embedded tomcat
             private void configureJsonAccessLogging(Tomcat tomcat, JsonAccessLog logConfig)
             {