Diffstat (limited to 'app/controllers/concerns/kas_cookie.rb')
-rw-r--r--app/controllers/concerns/kas_cookie.rb12
1 files changed, 12 insertions, 0 deletions
diff --git a/app/controllers/concerns/kas_cookie.rb b/app/controllers/concerns/kas_cookie.rb
index ef58ab1972b..c66bf7c9e8c 100644
--- a/app/controllers/concerns/kas_cookie.rb
+++ b/app/controllers/concerns/kas_cookie.rb
@@ -3,6 +3,18 @@
module KasCookie
extend ActiveSupport::Concern
+ included do
+ content_security_policy_with_context do |p|
+ next unless ::Gitlab::Kas::UserAccess.enabled?
+
+ kas_url = ::Gitlab::Kas.tunnel_url
+ next if URI(kas_url).host == ::Gitlab.config.gitlab.host # already allowed, no need for exception
+
+ kas_url += '/' unless kas_url.end_with?('/')
+ p.connect_src(*Array.wrap(p.directives['connect-src']), kas_url)
+ end
+ end
+
def set_kas_cookie
return unless ::Gitlab::Kas::UserAccess.enabled?
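Review bot: On the `p.connect_src(...)` line, when the policy has no `connect-src` directive yet, `Array.wrap(nil)` is empty and the block creates a `connect-src` holding only the KAS URL; browsers then stop falling back to `default-src` for fetch/XHR/WebSocket, so every other connection the page relied on is blocked. Seeding from the fallback avoids that: `base = p.directives['connect-src'] || p.directives['default-src']` followed by `p.connect_src(*Array.wrap(base), kas_url)`. The early `next` also compares only `host`, so a KAS tunnel on the same host but a different port or scheme is skipped as "already allowed", although CSP `'self'` is origin-scoped and presumably would not cover it; comparing scheme, host and port would be safer. The `included` block is complete in this hunk, while `set_kas_cookie` continues outside it.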