summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStan Hu <stanhu@gmail.com>2019-08-01 20:56:50 -0700
committerStan Hu <stanhu@gmail.com>2019-08-01 20:56:50 -0700
commit5ec3bc2add086d2cae3e5dc4238a0cea301a5e01 (patch)
tree00800384de31de9197b7ffdde5d7c8dfcb134721
parentb924b4c8fff1b664b9813e12857dac29b40df284 (diff)
downloadgitlab-ce-5ec3bc2add086d2cae3e5dc4238a0cea301a5e01.tar.gz
Allow localhost:3808 in CSP rules for tests to pass
Diffstat
-rw-r--r--config/initializers/content_security_policy.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index d93263c2a3d..ee1500ba6fc 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -2,7 +2,7 @@ Rails.application.config.content_security_policy do |policy|
policy.default_src :self
policy.object_src :none
policy.worker_src *%w(https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net https://gitlab.com blob:)
- policy.script_src *%w('self' 'unsafe-inline' 'unsafe-eval' https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.gstatic.com/recaptcha/ https://apis.google.com)
+ policy.script_src *%w('self' http://localhost:3808 'unsafe-inline' 'unsafe-eval' https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.gstatic.com/recaptcha/ https://apis.google.com)
policy.style_src *%w('self' 'unsafe-inline' https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net)
policy.img_src *%w(* data: blob)
policy.frame_src *%w('self' https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com https://*.codesandbox.io)
View Lorry Controller Status