Add websocket connnection to Content Security Policy for KAS (!127910) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

To be able to connect to kubernetes APIs that require bi-directional communication, such as the exec and attach APIs, the websocket version of the URL must also be added to the content security policy.

Screenshots or screen recordings

How to set up and validate locally

Configure the kubernetes agent
Configure an agent for a project
Navigate to http://gdk.test:3000/h5bp/html5-boilerplate/-/cluster_agents
Inspect CSP for requests, checking the connect-src value.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

For #420190 (closed)

Edited Jul 31, 2023 by Andrew Fontaine

Add websocket connnection to Content Security Policy for KAS

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports