Diffstat (limited to 'app/controllers/concerns/observability/content_security_policy.rb')
-rw-r--r--app/controllers/concerns/observability/content_security_policy.rb10
1 files changed, 8 insertions, 2 deletions
diff --git a/app/controllers/concerns/observability/content_security_policy.rb b/app/controllers/concerns/observability/content_security_policy.rb
index eccd1e1e3ef..3865e3b606d 100644
--- a/app/controllers/concerns/observability/content_security_policy.rb
+++ b/app/controllers/concerns/observability/content_security_policy.rb
@@ -5,8 +5,14 @@ module Observability
extend ActiveSupport::Concern
included do
- content_security_policy do |p|
- next if p.directives.blank? || Gitlab::Observability.observability_url.blank?
+ content_security_policy_with_context do |p|
+ current_group = if defined?(group)
+ group
+ else
+ defined?(project) ? project&.group : nil
+ end
+
+ next if p.directives.blank? || !Gitlab::Observability.observability_enabled?(current_user, current_group)
default_frame_src = p.directives['frame-src'] || p.directives['default-src']