Module: GitlabScriptTagHelper
- Defined in:
- app/helpers/gitlab_script_tag_helper.rb
Instance Method Summary collapse
-
#javascript_include_tag(*sources) ⇒ Object
Override the default ActionView ‘javascript_include_tag` helper to support page specific deferred loading.
-
#javascript_tag(content_or_options_with_block = nil, html_options = {}) ⇒ Object
The helper makes sure the ‘nonce` attribute is included in every script when the content security policy is enabled.
- #preload_link_tag(source, options = {}) ⇒ Object
Instance Method Details
#javascript_include_tag(*sources) ⇒ Object
Override the default ActionView ‘javascript_include_tag` helper to support page specific deferred loading. PLEASE NOTE: `defer` is also critical so that we don’t run JavaScript entrypoints before the DOM is ready. Please see gitlab.com/groups/gitlab-org/-/epics/4538#note_432159769. The helper also makes sure the ‘nonce` attribute is included in every script when the content security policy is enabled.
9 10 11 12 13 |
# File 'app/helpers/gitlab_script_tag_helper.rb', line 9 def javascript_include_tag(*sources) = { defer: true }.merge(sources.) [:nonce] = true super(*sources, **) end |
#javascript_tag(content_or_options_with_block = nil, html_options = {}) ⇒ Object
The helper makes sure the ‘nonce` attribute is included in every script when the content security policy is enabled.
17 18 19 20 21 22 23 24 25 |
# File 'app/helpers/gitlab_script_tag_helper.rb', line 17 def javascript_tag( = nil, = {}) if .is_a?(Hash) [:nonce] = true else [:nonce] = true end super end |
#preload_link_tag(source, options = {}) ⇒ Object
27 28 29 30 31 32 33 |
# File 'app/helpers/gitlab_script_tag_helper.rb', line 27 def preload_link_tag(source, = {}) # Chrome requires a nonce, see https://gitlab.com/gitlab-org/gitlab/-/issues/331810#note_584964908 # It's likely to be a browser bug, but we need to work around it anyway [:nonce] = content_security_policy_nonce super end |