Add latest changes from gitlab-org/gitlab@15-1-stable-eev15.1.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-06-20 11:10:13 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-06-20 11:10:13 +0000
commit: 0ea3fcec397b69815975647f5e2aa5fe944a8486 (patch)
tree: 7979381b89d26011bcf9bdc989a40fcc2f1ed4ff /spec/lib/gitlab/content_security_policy
parent: 72123183a20411a36d607d70b12d57c484394c8e (diff)
download: gitlab-ce-0ea3fcec397b69815975647f5e2aa5fe944a8486.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
index 2df85434f0e..109e83be294 100644
--- a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
+++ b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
@@ -178,6 +178,16 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
             expect(directives['connect_src']).not_to include(snowplow_micro_url)
           end
         end
+
+        context 'when REVIEW_APPS_ENABLED is set' do
+          before do
+            stub_env('REVIEW_APPS_ENABLED', 'true')
+          end
+
+          it 'adds gitlab-org/gitlab merge requests API endpoint to CSP' do
+            expect(directives['connect_src']).to include('https://gitlab.com/api/v4/projects/278964/merge_requests/')
+          end
+        end
       end
     end
   end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-06-20 11:10:13 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-06-20 11:10:13 +0000
commit	0ea3fcec397b69815975647f5e2aa5fe944a8486 (patch)
tree	7979381b89d26011bcf9bdc989a40fcc2f1ed4ff /spec/lib/gitlab/content_security_policy
parent	72123183a20411a36d607d70b12d57c484394c8e (diff)
download	gitlab-ce-0ea3fcec397b69815975647f5e2aa5fe944a8486.tar.gz