diff options
Diffstat (limited to 'app/helpers/gitlab_script_tag_helper.rb')
| -rw-r--r-- | app/helpers/gitlab_script_tag_helper.rb | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/app/helpers/gitlab_script_tag_helper.rb b/app/helpers/gitlab_script_tag_helper.rb new file mode 100644 index 00000000000..467f3f7305b --- /dev/null +++ b/app/helpers/gitlab_script_tag_helper.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +module GitlabScriptTagHelper + # Override the default ActionView `javascript_include_tag` helper to support page specific deferred loading. + # PLEASE NOTE: `defer` is also critical so that we don't run JavaScript entrypoints before the DOM is ready. + # Please see https://gitlab.com/groups/gitlab-org/-/epics/4538#note_432159769. + # The helper also makes sure the `nonce` attribute is included in every script when the content security + # policy is enabled. + def javascript_include_tag(*sources) + super(*sources, defer: true, nonce: true) + end + + # The helper makes sure the `nonce` attribute is included in every script when the content security + # policy is enabled. + def javascript_tag(content_or_options_with_block = nil, html_options = {}) + if content_or_options_with_block.is_a?(Hash) + content_or_options_with_block[:nonce] = true + else + html_options[:nonce] = true + end + + super + end +end |