diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-14 00:10:27 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-14 00:10:27 +0300 |
commit | d6f2690ceeffc5306381618473cc4e3e613ebecf (patch) | |
tree | 96c544ef1f21e66ca2dee9fc692dcdeee590ee2b /app/controllers | |
parent | 718637f88ce9933f581c58e27dfffc389cbb6111 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/concerns/google_analytics_csp.rb | 40 | ||||
-rw-r--r-- | app/controllers/concerns/google_syndication_csp.rb | 21 | ||||
-rw-r--r-- | app/controllers/confirmations_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/registrations_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/sessions_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/users/terms_controller.rb | 5 |
6 files changed, 0 insertions, 76 deletions
diff --git a/app/controllers/concerns/google_analytics_csp.rb b/app/controllers/concerns/google_analytics_csp.rb deleted file mode 100644 index 4fffe298803..00000000000 --- a/app/controllers/concerns/google_analytics_csp.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: true - -module GoogleAnalyticsCSP - extend ActiveSupport::Concern - - included do - content_security_policy do |policy| - next unless helpers.google_tag_manager_enabled? || policy.directives.present? - - # Tag Manager with a Content Security Policy for Google Analytics 4 - # https://developers.google.com/tag-platform/security/guides/csp#google_analytics_4_google_analytics - - default_script_src = policy.directives['script-src'] || policy.directives['default-src'] - script_src_values = Array.wrap(default_script_src) | ['*.googletagmanager.com'] - policy.script_src(*script_src_values) - - default_img_src = policy.directives['img-src'] || policy.directives['default-src'] - img_src_values = - Array.wrap(default_img_src) | - [ - '*.google-analytics.com', - '*.analytics.google.com', - '*.googletagmanager.com', - '*.g.doubleclick.net' - ] - policy.img_src(*img_src_values) - - default_connect_src = policy.directives['connect-src'] || policy.directives['default-src'] - connect_src_values = - Array.wrap(default_connect_src) | - [ - '*.google-analytics.com', - '*.analytics.google.com', - '*.googletagmanager.com', - '*.g.doubleclick.net' - ] - policy.connect_src(*connect_src_values) - end - end -end diff --git a/app/controllers/concerns/google_syndication_csp.rb b/app/controllers/concerns/google_syndication_csp.rb deleted file mode 100644 index c55debe448b..00000000000 --- a/app/controllers/concerns/google_syndication_csp.rb +++ /dev/null @@ -1,21 +0,0 @@ -# frozen_string_literal: true - -module GoogleSyndicationCSP - extend ActiveSupport::Concern - - ALLOWED_SRC = ['*.google.com/pagead/landing', 'pagead2.googlesyndication.com/pagead/landing'].freeze - - included do - content_security_policy do |policy| - next unless helpers.google_tag_manager_enabled? || policy.directives.present? - - connect_src_values = Array.wrap( - policy.directives['connect-src'] || policy.directives['default-src'] - ) - - connect_src_values.concat(ALLOWED_SRC) if helpers.google_tag_manager_enabled? - - policy.connect_src(*connect_src_values.uniq) - end - end -end diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb index 5ceabaa734a..db1cf31d349 100644 --- a/app/controllers/confirmations_controller.rb +++ b/app/controllers/confirmations_controller.rb @@ -4,8 +4,6 @@ class ConfirmationsController < Devise::ConfirmationsController include AcceptsPendingInvitations include GitlabRecaptcha include OneTrustCSP - include GoogleAnalyticsCSP - include GoogleSyndicationCSP prepend_before_action :check_recaptcha, only: :create before_action :load_recaptcha, only: :new diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index a61b2af8117..72636a89433 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -7,8 +7,6 @@ class RegistrationsController < Devise::RegistrationsController include InvisibleCaptchaOnSignup include OneTrustCSP include BizibleCSP - include GoogleAnalyticsCSP - include GoogleSyndicationCSP include PreferredLanguageSwitcher include Gitlab::Tracking::Helpers::WeakPasswordErrorEvent include SkipsAlreadySignedInMessage @@ -27,10 +25,6 @@ class RegistrationsController < Devise::RegistrationsController check_rate_limit!(:user_sign_up, scope: request.ip) end - before_action only: [:new] do - push_frontend_feature_flag(:gitlab_gtm_datalayer, type: :ops) - end - feature_category :instance_resiliency helper_method :arkose_labs_enabled? diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index afbadc7f4ac..595d79abcf2 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -12,8 +12,6 @@ class SessionsController < Devise::SessionsController include OneTrustCSP include BizibleCSP include VerifiesWithEmail - include GoogleAnalyticsCSP - include GoogleSyndicationCSP include PreferredLanguageSwitcher include SkipsAlreadySignedInMessage include AcceptsPendingInvitations diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb index f36b140f3a2..f7eb2aad9dc 100644 --- a/app/controllers/users/terms_controller.rb +++ b/app/controllers/users/terms_controller.rb @@ -4,7 +4,6 @@ module Users class TermsController < ApplicationController include InternalRedirect include OneTrustCSP - include GoogleAnalyticsCSP skip_before_action :authenticate_user!, only: [:index] skip_before_action :enforce_terms! @@ -14,10 +13,6 @@ module Users before_action :terms - before_action only: [:index] do - push_frontend_feature_flag(:gitlab_gtm_datalayer, type: :ops) - end - layout 'terms' feature_category :user_management |