diff options
Diffstat (limited to 'app/controllers/application_controller.rb')
| -rw-r--r-- | app/controllers/application_controller.rb | 32 |
1 files changed, 2 insertions, 30 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 6739fc57a1f..fca3bb3460f 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -3,7 +3,7 @@ require 'gon' require 'fogbugz' -class ApplicationController < ActionController::Base +class ApplicationController < BaseActionController include Gitlab::GonHelper include Gitlab::NoCacheHeaders include GitlabRoutingHelper @@ -25,7 +25,6 @@ class ApplicationController < ActionController::Base include FlocOptOut include CheckRateLimit include RequestPayloadLogger - extend ContentSecurityPolicyPatch before_action :limit_session_time, if: -> { !current_user } before_action :authenticate_user!, except: [:route_not_found] @@ -113,33 +112,6 @@ class ApplicationController < ActionController::Base render plain: e.message, status: :service_unavailable end - content_security_policy do |p| - next if p.directives.blank? - - if Rails.env.development? && Feature.enabled?(:vite) - vite_host = ViteRuby.instance.config.host - vite_port = ViteRuby.instance.config.port - vite_origin = "#{vite_host}:#{vite_port}" - http_origin = "http://#{vite_origin}" - ws_origin = "ws://#{vite_origin}" - wss_origin = "wss://#{vite_origin}" - gitlab_ws_origin = Gitlab::Utils.append_path(Gitlab.config.gitlab.url, 'vite-dev/') - http_path = Gitlab::Utils.append_path(http_origin, 'vite-dev/') - - connect_sources = p.directives['connect-src'] - p.connect_src(*(Array.wrap(connect_sources) | [ws_origin, wss_origin, http_path])) - - worker_sources = p.directives['worker-src'] - p.worker_src(*(Array.wrap(worker_sources) | [gitlab_ws_origin, http_path])) - end - - next unless Gitlab::CurrentSettings.snowplow_enabled? && !Gitlab::CurrentSettings.snowplow_collector_hostname.blank? - - default_connect_src = p.directives['connect-src'] || p.directives['default-src'] - connect_src_values = Array.wrap(default_connect_src) | [Gitlab::CurrentSettings.snowplow_collector_hostname] - p.connect_src(*connect_src_values) - end - def redirect_back_or_default(default: root_path, options: {}) redirect_back(fallback_location: default, **options) end @@ -325,7 +297,7 @@ class ApplicationController < ActionController::Base return if current_user.nil? if current_user.password_expired? && current_user.allow_password_authentication? - redirect_to new_profile_password_path + redirect_to new_user_settings_password_path end end |