From d02a25c8704150b5ad0c516720ce625256f7cbac Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Thu, 29 Jun 2023 16:42:19 +0000
Subject: Add latest changes from gitlab-org/gitlab@16-1-stable-ee

---
 app/controllers/concerns/kas_cookie.rb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'app')

diff --git a/app/controllers/concerns/kas_cookie.rb b/app/controllers/concerns/kas_cookie.rb
index c66bf7c9e8c..06a4ee873f8 100644
--- a/app/controllers/concerns/kas_cookie.rb
+++ b/app/controllers/concerns/kas_cookie.rb
@@ -6,6 +6,7 @@ module KasCookie
   included do
     content_security_policy_with_context do |p|
       next unless ::Gitlab::Kas::UserAccess.enabled?
+      next unless Settings.gitlab.content_security_policy['enabled']
 
       kas_url = ::Gitlab::Kas.tunnel_url
       next if URI(kas_url).host == ::Gitlab.config.gitlab.host # already allowed, no need for exception
-- 
cgit v1.2.3