FEATURE: Turn csp on by default (#8665)

* turn csp on by default

* remove csp migration for new sites now that is is on by default

* Ensure CSP is off before starting qunit

db/migrate/20190110142917_enable_content_security_policy_for_new_sites.rb

@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-class EnableContentSecurityPolicyForNewSites < ActiveRecord::Migration[5.2]
-  def up
-    return if Rails.env.test?
-    return if row_exists?
-
-    if instance_is_new?
-      execute "INSERT INTO site_settings(name, data_type, value, created_at, updated_at)
-               VALUES ('content_security_policy', 5, 't', now(), now())"
-    end
-  end
-
-  def down
-    # Don't undo, up method only enables CSP if row isn't already there and if instance is new
-  end
-
-  def row_exists?
-    DB.query("SELECT 1 AS one FROM site_settings where name='content_security_policy'").present?
-  end
-
-  def instance_is_new?
-    dates = DB.query_single("SELECT created_at FROM posts ORDER BY created_at ASC LIMIT 1")
-    dates.empty? || dates.first > 1.week.ago
-  end
-
-end