diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-29 19:42:19 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-29 19:42:19 +0300 |
commit | d02a25c8704150b5ad0c516720ce625256f7cbac (patch) | |
tree | 597b3a8487abe246462951cdf1cfbf53aa0700be /app | |
parent | 751cb432aab9837d3174bcdb309fae765925c869 (diff) |
Add latest changes from gitlab-org/gitlab@16-1-stable-ee
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/concerns/kas_cookie.rb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/app/controllers/concerns/kas_cookie.rb b/app/controllers/concerns/kas_cookie.rb index c66bf7c9e8c..06a4ee873f8 100644 --- a/app/controllers/concerns/kas_cookie.rb +++ b/app/controllers/concerns/kas_cookie.rb @@ -6,6 +6,7 @@ module KasCookie included do content_security_policy_with_context do |p| next unless ::Gitlab::Kas::UserAccess.enabled? + next unless Settings.gitlab.content_security_policy['enabled'] kas_url = ::Gitlab::Kas.tunnel_url next if URI(kas_url).host == ::Gitlab.config.gitlab.host # already allowed, no need for exception |