Remove deprecation warning for child-src

From [the CSP specification](https://w3c.github.io/webappsec-csp/#changes-from-level-2): > The child-src model has been substantially altered: > > 1. The frame-src directive, which was deprecated in CSP Level 2, has been undeprecated, but continues to defer to child-src if not present (which defers to default-src in turn). > 2. A worker-src directive has been added, deferring to child-src if not present (which likewise defers to script-src and eventually default-src). > 3. Dedicated workers now always inherit their creator’s policy. [History of this feature](https://stackoverflow.com/questions/46039068/csp-child-src-and-frame-src-deprecated/46042614#46042614)
mozilla · Jun 26, 2020 · e812729 · e812729
1 parent cbff891
commit e812729
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 11 deletions.
diff --git a/CHANGES b/CHANGES
@@ -2,6 +2,11 @@
 CHANGES
 =======
 
+Next
+====
+
+- Remove deprecation warning for child-src
+
 3.6
 ===
 

diff --git a/csp/tests/test_utils.py b/csp/tests/test_utils.py
@@ -1,6 +1,5 @@
 from __future__ import absolute_import
 
-import pytest
 import six
 from django.conf import settings
 from django.test.utils import override_settings
@@ -208,9 +207,8 @@ def test_base_uri():
 
 @override_settings(CSP_CHILD_SRC=['example.com'])
 def test_child_src():
-    with pytest.warns(DeprecationWarning):
-        policy = build_policy()
-        policy_eq("default-src 'self'; child-src example.com", policy)
+    policy = build_policy()
+    policy_eq("default-src 'self'; child-src example.com", policy)
 
 
 @override_settings(CSP_FRAME_ANCESTORS=['example.com'])

diff --git a/csp/utils.py b/csp/utils.py
@@ -9,10 +9,6 @@
 from django.utils.encoding import force_str
 
 
-CHILD_SRC_DEPRECATION_WARNING = \
-    'child-src is deprecated in CSP v3. Use frame-src and worker-src.'
-
-
 def from_settings():
     return {
         # Fetch Directives
@@ -96,9 +92,6 @@ def build_policy(config=None, update=None, replace=None, nonce=None):
         else:  # directives with many values like src lists
             policy_parts[key] = ' '.join(value)
 
-        if key == 'child-src':
-            warnings.warn(CHILD_SRC_DEPRECATION_WARNING, DeprecationWarning)
-
     if report_uri:
         report_uri = map(force_str, report_uri)
         policy_parts['report-uri'] = ' '.join(report_uri)