Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-10-14 00:10:27 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-10-14 00:10:27 +0300
commit: d6f2690ceeffc5306381618473cc4e3e613ebecf (patch)
tree: 96c544ef1f21e66ca2dee9fc692dcdeee590ee2b /app/controllers
parent: 718637f88ce9933f581c58e27dfffc389cbb6111 (diff)
6 files changed, 0 insertions, 76 deletions
diff --git a/app/controllers/concerns/google_analytics_csp.rb b/app/controllers/concerns/google_analytics_csp.rb
deleted file mode 100644
index 4fffe298803..00000000000
--- a/app/controllers/concerns/google_analytics_csp.rb
+++ /dev/null
@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-module GoogleAnalyticsCSP
-  extend ActiveSupport::Concern
-
-  included do
-    content_security_policy do |policy|
-      next unless helpers.google_tag_manager_enabled? || policy.directives.present?
-
-      # Tag Manager with a Content Security Policy for Google Analytics 4
-      # https://developers.google.com/tag-platform/security/guides/csp#google_analytics_4_google_analytics
-
-      default_script_src = policy.directives['script-src'] || policy.directives['default-src']
-      script_src_values = Array.wrap(default_script_src) | ['*.googletagmanager.com']
-      policy.script_src(*script_src_values)
-
-      default_img_src = policy.directives['img-src'] || policy.directives['default-src']
-      img_src_values =
-        Array.wrap(default_img_src) |
-        [
-          '*.google-analytics.com',
-          '*.analytics.google.com',
-          '*.googletagmanager.com',
-          '*.g.doubleclick.net'
-        ]
-      policy.img_src(*img_src_values)
-
-      default_connect_src = policy.directives['connect-src'] || policy.directives['default-src']
-      connect_src_values =
-        Array.wrap(default_connect_src) |
-        [
-          '*.google-analytics.com',
-          '*.analytics.google.com',
-          '*.googletagmanager.com',
-          '*.g.doubleclick.net'
-        ]
-      policy.connect_src(*connect_src_values)
-    end
-  end
-end
diff --git a/app/controllers/concerns/google_syndication_csp.rb b/app/controllers/concerns/google_syndication_csp.rb
deleted file mode 100644
index c55debe448b..00000000000
--- a/app/controllers/concerns/google_syndication_csp.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-module GoogleSyndicationCSP
-  extend ActiveSupport::Concern
-
-  ALLOWED_SRC = ['*.google.com/pagead/landing', 'pagead2.googlesyndication.com/pagead/landing'].freeze
-
-  included do
-    content_security_policy do |policy|
-      next unless helpers.google_tag_manager_enabled? || policy.directives.present?
-
-      connect_src_values = Array.wrap(
-        policy.directives['connect-src'] || policy.directives['default-src']
-      )
-
-      connect_src_values.concat(ALLOWED_SRC) if helpers.google_tag_manager_enabled?
-
-      policy.connect_src(*connect_src_values.uniq)
-    end
-  end
-end
diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb
index 5ceabaa734a..db1cf31d349 100644
--- a/app/controllers/confirmations_controller.rb
+++ b/app/controllers/confirmations_controller.rb
@@ -4,8 +4,6 @@ class ConfirmationsController < Devise::ConfirmationsController
   include AcceptsPendingInvitations
   include GitlabRecaptcha
   include OneTrustCSP
-  include GoogleAnalyticsCSP
-  include GoogleSyndicationCSP
 
   prepend_before_action :check_recaptcha, only: :create
   before_action :load_recaptcha, only: :new
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index a61b2af8117..72636a89433 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -7,8 +7,6 @@ class RegistrationsController < Devise::RegistrationsController
   include InvisibleCaptchaOnSignup
   include OneTrustCSP
   include BizibleCSP
-  include GoogleAnalyticsCSP
-  include GoogleSyndicationCSP
   include PreferredLanguageSwitcher
   include Gitlab::Tracking::Helpers::WeakPasswordErrorEvent
   include SkipsAlreadySignedInMessage
@@ -27,10 +25,6 @@ class RegistrationsController < Devise::RegistrationsController
     check_rate_limit!(:user_sign_up, scope: request.ip)
   end
 
-  before_action only: [:new] do
-    push_frontend_feature_flag(:gitlab_gtm_datalayer, type: :ops)
-  end
-
   feature_category :instance_resiliency
 
   helper_method :arkose_labs_enabled?
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index afbadc7f4ac..595d79abcf2 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -12,8 +12,6 @@ class SessionsController < Devise::SessionsController
   include OneTrustCSP
   include BizibleCSP
   include VerifiesWithEmail
-  include GoogleAnalyticsCSP
-  include GoogleSyndicationCSP
   include PreferredLanguageSwitcher
   include SkipsAlreadySignedInMessage
   include AcceptsPendingInvitations
diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb
index f36b140f3a2..f7eb2aad9dc 100644
--- a/app/controllers/users/terms_controller.rb
+++ b/app/controllers/users/terms_controller.rb
@@ -4,7 +4,6 @@ module Users
   class TermsController < ApplicationController
     include InternalRedirect
     include OneTrustCSP
-    include GoogleAnalyticsCSP
 
     skip_before_action :authenticate_user!, only: [:index]
     skip_before_action :enforce_terms!
@@ -14,10 +13,6 @@ module Users
 
     before_action :terms
 
-    before_action only: [:index] do
-      push_frontend_feature_flag(:gitlab_gtm_datalayer, type: :ops)
-    end
-
     layout 'terms'
 
     feature_category :user_management
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-10-14 00:10:27 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-10-14 00:10:27 +0300
commit	d6f2690ceeffc5306381618473cc4e3e613ebecf (patch)
tree	96c544ef1f21e66ca2dee9fc692dcdeee590ee2b /app/controllers
parent	718637f88ce9933f581c58e27dfffc389cbb6111 (diff)