diff options
Diffstat (limited to 'app/controllers/projects/tracings_controller.rb')
| -rw-r--r-- | app/controllers/projects/tracings_controller.rb | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/app/controllers/projects/tracings_controller.rb b/app/controllers/projects/tracings_controller.rb new file mode 100644 index 00000000000..2bc0c590e8d --- /dev/null +++ b/app/controllers/projects/tracings_controller.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +module Projects + class TracingsController < Projects::ApplicationController + content_security_policy do |p| + next if p.directives.blank? + + global_frame_src = p.frame_src + + p.frame_src -> { frame_src_csp_policy(global_frame_src) } + end + + before_action :authorize_update_environment! + + feature_category :tracing + + def show + end + + private + + def frame_src_csp_policy(global_frame_src) + external_url = @project&.tracing_setting&.external_url + + external_url.presence || global_frame_src + end + end +end |