summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorConnor Shea <connor.james.shea@gmail.com>2016-07-19 22:24:27 -0600
committerConnor Shea <connor.james.shea@gmail.com>2016-07-19 22:29:15 -0600
commit38577d6825e36cb144db5d505834cad0b00d27f7 (patch)
tree77c42e3b8e0d8f79f487bbd03f70d26b3a6e3d7f /config
parentf2cd21e8946dcef13e8be408b96b079b5ced682a (diff)
downloadgitlab-ce-38577d6825e36cb144db5d505834cad0b00d27f7.tar.gz
Fix the Sentry spam from CSP violations by disabling it.
Diffstat (limited to 'config')
-rw-r--r--config/initializers/secure_headers.rb14
1 files changed, 2 insertions, 12 deletions
diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb
index 9fd24a667cc..253e3cf7410 100644
--- a/config/initializers/secure_headers.rb
+++ b/config/initializers/secure_headers.rb
@@ -4,14 +4,7 @@
require 'gitlab/current_settings'
include Gitlab::CurrentSettings
-# If Sentry is enabled and the Rails app is running in production mode,
-# this will construct the Report URI for Sentry.
-if Rails.env.production? && current_application_settings.sentry_enabled
- uri = URI.parse(current_application_settings.sentry_dsn)
- CSP_REPORT_URI = "#{uri.scheme}://#{uri.host}/api#{uri.path}/csp-report/?sentry_key=#{uri.user}"
-else
- CSP_REPORT_URI = ''
-end
+CSP_REPORT_URI = ''
# Content Security Policy Headers
# For more information on CSP see:
@@ -71,10 +64,7 @@ SecureHeaders::Configuration.default do |config|
upgrade_insecure_requests: true
}
- # Reports are sent to Sentry if it's enabled.
- if current_application_settings.sentry_enabled
- config.csp[:report_uri] = %W(#{CSP_REPORT_URI})
- end
+ config.csp[:report_uri] = %W(#{CSP_REPORT_URI})
# Allow Bootstrap Linter in development mode.
if Rails.env.development?
View Lorry Controller Status