author | Robert Speicher <rspeicher@gmail.com> | 2016-07-20 19:04:03 -0600 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2016-07-20 22:19:02 -0600 |
commit | 76e78fca97f4d7a448ef87f6b6cb14a8268b7341 (patch) | |
tree | 04b4c1aaa2026b51d08fcd68d2cdfaf81948c015 /config | |
parent | b5ef5cc6acd0a583a68ee606ae6005a1f6d16df3 (diff) | |
download | gitlab-ce-76e78fca97f4d7a448ef87f6b6cb14a8268b7341.tar.gz |
Revert "Merge branch 'remove-csp-sentry-reporting' into 'master'
"
This reverts commit 79b02e40e5842540ceff4454f6c2c51f13fc081c, reversing
changes made to f2cd21e8946dcef13e8be408b96b079b5ced682a.
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/secure_headers.rb | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb
index 253e3cf7410..9fd24a667cc 100644
--- a/config/initializers/secure_headers.rb
+++ b/config/initializers/secure_headers.rb
@@ -4,7 +4,14 @@
 require 'gitlab/current_settings'
 include Gitlab::CurrentSettings
 
-CSP_REPORT_URI = ''
+# If Sentry is enabled and the Rails app is running in production mode,
+# this will construct the Report URI for Sentry.
+if Rails.env.production? && current_application_settings.sentry_enabled
+ uri = URI.parse(current_application_settings.sentry_dsn)
+ CSP_REPORT_URI = "#{uri.scheme}://#{uri.host}/api#{uri.path}/csp-report/?sentry_key=#{uri.user}"
+else
+ CSP_REPORT_URI = ''
+end
 
 # Content Security Policy Headers
 # For more information on CSP see:
@@ -64,7 +71,10 @@ SecureHeaders::Configuration.default do |config|
 upgrade_insecure_requests: true
 }
 
- config.csp[:report_uri] = %W(#{CSP_REPORT_URI})
+ # Reports are sent to Sentry if it's enabled.
+ if current_application_settings.sentry_enabled
+ config.csp[:report_uri] = %W(#{CSP_REPORT_URI})
+ end
 
 # Allow Bootstrap Linter in development mode.
 if Rails.env.development? |
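Review bot: `URI.parse(current_application_settings.sentry_dsn)` in the first hunk runs at boot with no check on the DSN itself, so with `sentry_enabled` set a nil or malformed `sentry_dsn` would raise inside the initializer, and an empty one would produce a report URI with no scheme or host. Adding `&& current_application_settings.sentry_dsn.present?` to the condition, and rescuing `URI::InvalidURIError` into the `CSP_REPORT_URI = ''` fallback, keeps a bad admin setting from stopping startup. The URL is built from `uri.host` without `uri.port`, so a Sentry instance on a non-default port would presumably never receive the reports. Because this string is sent to every browser in the CSP header, a comment such as `# Only the DSN's public key (uri.user) may appear here; never uri.password.` would protect that property against later edits.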
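Review bot: The guard added in the second hunk tests only `current_application_settings.sentry_enabled`, while the constant in the first hunk is also gated on `Rails.env.production?`, so outside production with Sentry enabled `report_uri` is still assigned from an empty `CSP_REPORT_URI`. Testing the value that is actually used, `config.csp[:report_uri] = %W(#{CSP_REPORT_URI}) if CSP_REPORT_URI.present?`, keeps the two conditions in step and avoids a second settings lookup during boot. The `SecureHeaders::Configuration.default` block starts and ends outside the hunk.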