Module: WebIdeCSP
- Extended by:
- ActiveSupport::Concern
- Included in:
- IdeController, WebIde::RemoteIdeController
- Defined in:
- app/controllers/concerns/web_ide_csp.rb
Instance Method Summary collapse
-
#include_web_ide_csp ⇒ Object
We want to include frames from ‘/assets/webpack` of the request’s host to support URL flexibility with the Web IDE.
Instance Method Details
#include_web_ide_csp ⇒ Object
We want to include frames from ‘/assets/webpack` of the request’s host to support URL flexibility with the Web IDE. gitlab.com/gitlab-org/gitlab/-/merge_requests/118875
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
# File 'app/controllers/concerns/web_ide_csp.rb', line 13 def include_web_ide_csp return if request.content_security_policy.directives.blank? base_uri = URI(request.url) base_uri.path = ::Gitlab.config.gitlab.relative_url_root || '/' # `.path +=` handles combining `x/` and `/foo` base_uri.path += '/assets/webpack/' webpack_url = base_uri.to_s default_src = Array(request.content_security_policy.directives['default-src'] || []) request.content_security_policy.directives['frame-src'] ||= default_src request.content_security_policy.directives['frame-src'].concat([webpack_url, 'https://*.web-ide.gitlab-static.net/']) request.content_security_policy.directives['worker-src'] ||= default_src request.content_security_policy.directives['worker-src'].concat([webpack_url]) end |