Module: Gitlab::ContentSecurityPolicy::Directives

Defined in:: lib/gitlab/content_security_policy/directives.rb

Class Method Summary collapse

Class Method Details

.connect_src ⇒ `Object`



10
11
12

# File 'lib/gitlab/content_security_policy/directives.rb', line 10

def self.connect_src
  "'self'"
end

.frame_src ⇒ `Object`



14
15
16

# File 'lib/gitlab/content_security_policy/directives.rb', line 14

def self.frame_src
  "https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com https://www.googletagmanager.com/ns.html"
end

.script_src ⇒ `Object`



18
19
20

# File 'lib/gitlab/content_security_policy/directives.rb', line 18

def self.script_src
  "'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.recaptcha.net https://apis.google.com"
end

.style_src ⇒ `Object`



22
23
24

# File 'lib/gitlab/content_security_policy/directives.rb', line 22

def self.style_src
  "'self' 'unsafe-inline'"
end

Module: Gitlab::ContentSecurityPolicy::Directives

Class Method Summary collapse

Class Method Details

.connect_src ⇒ Object

.frame_src ⇒ Object

.script_src ⇒ Object

.style_src ⇒ Object

.connect_src ⇒ `Object`

.frame_src ⇒ `Object`

.script_src ⇒ `Object`

.style_src ⇒ `Object`