Skip to content

Adding Observability CSP Concern to relevant controllers

What does this MR do and why?

This is a companion MR to !104081 (merged)

In order for us to be able to embed Observability iframe into different parts of GitLab (i.e. issues, MRs, epics - wherever content editor is present ) we need to add the Observability URL in the frame-src CSP policy.

This MR enables such CSP policy for Issues, MR and Epics controller.

This is easily done (and tested) with the recently added (MR) Observability::ContentSecurityPolicy and RSpec.shared_examples 'observability csp policy'

Screenshots or screen recordings

N/A

How to set up and validate locally

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Daniele Rossetti

Merge request reports

Loading