GitLab Bot
43a25d93eb
Add latest changes from gitlab-org/gitlab@16-0-stable-ee
2023-05-17 16:05:49 +00:00
GitLab Bot
71786ddc8e
Add latest changes from gitlab-org/gitlab@15-9-stable-ee
2023-02-20 13:49:51 +00:00
GitLab Bot
0c872e02b2
Add latest changes from gitlab-org/gitlab@15-7-stable-ee
2022-12-20 14:22:11 +00:00
GitLab Bot
7021455bd1
Add latest changes from gitlab-org/gitlab@15-6-stable-ee
2022-11-17 11:33:21 +00:00
GitLab Bot
b64b61bfe7
Add latest changes from gitlab-org/security/gitlab@15-5-stable-ee
2022-11-01 11:53:21 +00:00
GitLab Bot
b595cb0c1d
Add latest changes from gitlab-org/gitlab@15-2-stable-ee
2022-07-20 15:40:28 +00:00
GitLab Bot
0ea3fcec39
Add latest changes from gitlab-org/gitlab@15-1-stable-ee
2022-06-20 11:10:13 +00:00
GitLab Bot
36a59d088e
Add latest changes from gitlab-org/gitlab@15-0-stable-ee
2022-05-19 07:33:21 +00:00
GitLab Bot
3cccd102ba
Add latest changes from gitlab-org/gitlab@14-10-stable-ee
2022-04-20 10:00:54 +00:00
GitLab Bot
41fe97390c
Add latest changes from gitlab-org/gitlab@14-9-stable-ee
2022-03-18 20:02:30 +00:00
GitLab Bot
edaa33dee2
Add latest changes from gitlab-org/gitlab@14-7-stable-ee
2022-01-20 09:16:11 +00:00
GitLab Bot
aee0a117a8
Add latest changes from gitlab-org/gitlab@14-6-stable-ee
2021-12-20 13:37:47 +00:00
GitLab Bot
311b0269b4
Add latest changes from gitlab-org/gitlab@14-5-stable-ee
2021-11-18 13:16:36 +00:00
GitLab Bot
d9ab72d608
Add latest changes from gitlab-org/gitlab@14-4-stable-ee
2021-10-20 08:43:02 +00:00
GitLab Bot
b76ae63846
Add latest changes from gitlab-org/gitlab@14-2-stable-ee
2021-08-19 09:08:42 +00:00
GitLab Bot
e8d2c25793
Add latest changes from gitlab-org/gitlab@14-1-stable-ee
2021-07-20 09:55:51 +00:00
GitLab Bot
a5f4bba440
Add latest changes from gitlab-org/gitlab@14-0-stable-ee
2021-06-16 18:25:58 +00:00
GitLab Bot
08086ff522
Add latest changes from gitlab-org/gitlab@13-12-stable-ee
2021-06-07 14:47:00 +00:00
GitLab Bot
4555e1b21c
Add latest changes from gitlab-org/gitlab@13-12-stable-ee
2021-05-19 15:44:42 +00:00
Stan Hu
d265408c26
Add missing report-uri to CSP config
This is supported in Rails 5.2, although it may be
deprecated in the future by reports-to.
2019-08-07 11:21:08 -07:00
Stan Hu
5fbbd3dd6e
Add support for Content-Security-Policy
A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.
To support this, we need to change all `:javascript` HAML filters to the
following form:
```
= javascript_tag nonce: true do
  :plain
    ...
```
We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.
2019-08-07 12:37:31 +10:00