diff --git a/config/env.example.optional b/config/env.example.optional
index 1193625c3..c782ac9e7 100644
--- a/config/env.example.optional
+++ b/config/env.example.optional
@@ -104,9 +104,6 @@ DS_ENV="staging"
 # External service: Matomo web analytics
 MATOMO_IFRAME_URL="https://matomo.example.org/index.php?module=CoreAdminHome&action=optOut&language=fr&&fontColor=333333&fontSize=16px&fontFamily=Muli"
 
-# An URI used to report requests breaking the Content Security Policy
-# CSP_REPORT_URI="https://myappname.report-uri.com/r/d/csp/reportOnly"
-
 # Landing page sections
 # LANDING_TESTIMONIALS_ENABLED="enabled"
 # LANDING_USERS_ENABLED="enabled"
diff --git a/config/initializers/02_urls.rb b/config/initializers/02_urls.rb
index 918e82e6a..81563ec89 100644
--- a/config/initializers/02_urls.rb
+++ b/config/initializers/02_urls.rb
@@ -45,5 +45,4 @@ DOC_PROCEDURE_EXPIRES_URL = [DOC_URL, "expiration-et-suppression-des-dossiers"].
 STATUS_PAGE_URL = ENV.fetch("STATUS_PAGE_URL", "https://status.demarches-simplifiees.fr")
 DEMANDE_INSCRIPTION_ADMIN_PAGE_URL = ENV.fetch("DEMANDE_INSCRIPTION_ADMIN_PAGE_URL", "https://www.demarches-simplifiees.fr/commencer/demande-d-inscription-a-demarches-simplifiees")
 MATOMO_IFRAME_URL = ENV.fetch("MATOMO_IFRAME_URL", "https://#{ENV.fetch('MATOMO_HOST', 'stats.data.gouv.fr')}/index.php?module=CoreAdminHome&action=optOut&language=fr&&fontColor=333333&fontSize=16px&fontFamily=Muli")
-CSP_REPORT_URI = ENV.fetch("CSP_REPORT_URI", "")
 # rubocop:enable DS/ApplicationName
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index e6d248ac9..ad9bc9d5a 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -51,10 +51,6 @@ Rails.application.config.content_security_policy do |policy|
     policy.connect_src(*policy.connect_src, "ws://#{ViteRuby.config.host_with_port}")
     policy.script_src(*policy.script_src, :unsafe_eval, "http://#{ViteRuby.config.host_with_port}")
 
-    # CSP are not enforced in development (see content_security_policy_report_only in development.rb)
-    # However we notify a random local URL, to see breakage in the DevTools when adding a new external resource.
-    policy.report_uri CSP_REPORT_URI if CSP_REPORT_URI.present?
-
   elsif Rails.env.test?
     # Disallow all connections to external domains during tests
     policy.img_src(:self, :data, :blob)
@@ -64,8 +60,6 @@ Rails.application.config.content_security_policy do |policy|
     policy.frame_src(:self)
     policy.default_src(:self, :data, :blob)
 
-  else
-    policy.report_uri CSP_REPORT_URI if CSP_REPORT_URI.present?
   end
 end