debian-mirror-gitlab/app/controllers/concerns/vscode_cdn_csp.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

18 lines
457 B
Ruby
Raw Normal View History

2023-03-04 22:38:38 +05:30
# rubocop:disable Naming/FileName
# frozen_string_literal: true
module VSCodeCDNCSP
extend ActiveSupport::Concern
included do
content_security_policy do |policy|
next if policy.directives.blank?
default_src = Array(policy.directives['default-src'] || [])
policy.directives['frame-src'] ||= default_src
policy.directives['frame-src'].concat(['https://*.vscode-cdn.net/'])
end
end
end
# rubocop:enable Naming/FileName