Make enabling content_security_policy configurable via gdk.yml
What does this Merge Request do and why?
This MR adds the gitlab.rails.content_security_policy.enabled
setting (enabled
by default) along with accompanying gitlab/config/gitlab.yml
template changes and assists with https://gitlab.com/gitlab-org/analytics-section/product-analytics/devkit#disable-cors.
Merge Request checklist
-
This change is backward compatible. If not, please include steps to communicate to our users. -
Tests added for new functionality. If not, please raise Issue to follow-up. -
Documentation added/updated, if needed. -
gdk doctor
test added, if needed. -
Add the ~highlight
label if this MR should be included in theCHANGELOG.md
.
Edited by Ash McKenzie