Add missing report-uri to CSP config

This is supported in Rails 5.2, although it may be deprecated in the future by reports-to.
author: Stan Hu <stanhu@gmail.com> 2019-08-07 21:17:12 +0300
committer: Stan Hu <stanhu@gmail.com> 2019-08-07 21:21:08 +0300
commit: d265408c26b6d4a6087df032b1928d142534d0a6 (patch)
tree: e736852ce97c3709939cc8f1dfef2f95e32392d9 /lib/gitlab/content_security_policy
parent: 8d659869e1d8ef4a844ea03890f42cb80f312fa0 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/gitlab/content_security_policy/config_loader.rb b/lib/gitlab/content_security_policy/config_loader.rb
index b2f3345d33a..ff844645b11 100644
--- a/lib/gitlab/content_security_policy/config_loader.rb
+++ b/lib/gitlab/content_security_policy/config_loader.rb
@@ -5,7 +5,7 @@ module Gitlab
     class ConfigLoader
       DIRECTIVES = %w(base_uri child_src connect_src default_src font_src
                       form_action frame_ancestors frame_src img_src manifest_src
-                      media_src object_src script_src style_src worker_src).freeze
+                      media_src object_src report_uri script_src style_src worker_src).freeze
 
       def self.default_settings_hash
         {
author	Stan Hu <stanhu@gmail.com>	2019-08-07 21:17:12 +0300
committer	Stan Hu <stanhu@gmail.com>	2019-08-07 21:21:08 +0300
commit	d265408c26b6d4a6087df032b1928d142534d0a6 (patch)
tree	e736852ce97c3709939cc8f1dfef2f95e32392d9 /lib/gitlab/content_security_policy
parent	8d659869e1d8ef4a844ea03890f42cb80f312fa0 (diff)