diff options
Diffstat (limited to 'lib/gitlab/content_security_policy/config_loader.rb')
-rw-r--r-- | lib/gitlab/content_security_policy/config_loader.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/gitlab/content_security_policy/config_loader.rb b/lib/gitlab/content_security_policy/config_loader.rb index d7b31946ab0..842920ba02e 100644 --- a/lib/gitlab/content_security_policy/config_loader.rb +++ b/lib/gitlab/content_security_policy/config_loader.rb @@ -37,6 +37,7 @@ module Gitlab allow_webpack_dev_server(settings_hash) if Rails.env.development? allow_cdn(settings_hash) if ENV['GITLAB_CDN_HOST'].present? + allow_customersdot(settings_hash) if Rails.env.development? && ENV['CUSTOMER_PORTAL_URL'].present? settings_hash end @@ -85,6 +86,12 @@ module Gitlab def self.append_to_directive(settings_hash, directive, text) settings_hash['directives'][directive] = "#{settings_hash['directives'][directive]} #{text}".strip end + + def self.allow_customersdot(settings_hash) + customersdot_host = ENV['CUSTOMER_PORTAL_URL'] + + append_to_directive(settings_hash, 'frame_src', customersdot_host) + end end end end |