Commit a8a61c9d authored by Natalia Tepluhina's avatar Natalia Tepluhina

Merge branch 'buyer-experience-211-bizable' into 'master'

Add Bizible script to sign up pages

See merge request gitlab-org/gitlab!76589
parents 24775542 79a0060d
# frozen_string_literal: true
module BizibleCSP
extend ActiveSupport::Concern
included do
content_security_policy do |policy|
next unless helpers.bizible_enabled? || policy.directives.present?
default_script_src = policy.directives['script-src'] || policy.directives['default-src']
script_src_values = Array.wrap(default_script_src) | ["'unsafe-eval'", 'https://cdn.bizible.com/scripts/bizible.js']
policy.script_src(*script_src_values)
end
end
end
......@@ -6,6 +6,7 @@ class RegistrationsController < Devise::RegistrationsController
include RecaptchaHelper
include InvisibleCaptchaOnSignup
include OneTrustCSP
include BizibleCSP
layout 'devise'
......
......@@ -10,6 +10,7 @@ class SessionsController < Devise::SessionsController
include KnownSignIn
include Gitlab::Utils::StrongMemoize
include OneTrustCSP
include BizibleCSP
skip_before_action :check_two_factor_requirement, only: [:destroy]
skip_before_action :check_password_expiration, only: [:destroy]
......
# frozen_string_literal: true
module BizibleHelper
def bizible_enabled?
Feature.enabled?(:ecomm_instrumentation, type: :ops) &&
Gitlab.config.extra.has_key?('bizible') &&
Gitlab.config.extra.bizible.present? &&
Gitlab.config.extra.bizible == true
end
end
......@@ -4,6 +4,7 @@
- content_for :page_specific_javascripts do
= render "layouts/google_tag_manager_head"
= render "layouts/one_trust"
= render "layouts/bizible"
= render "layouts/google_tag_manager_body"
.well-confirmation.gl-text-center.gl-mb-6
......
......@@ -3,6 +3,7 @@
- content_for :page_specific_javascripts do
= render "layouts/google_tag_manager_head"
= render "layouts/one_trust"
= render "layouts/bizible"
= render "layouts/google_tag_manager_body"
.signup-page
......
- page_title _("Sign in")
- content_for :page_specific_javascripts do
= render "layouts/one_trust"
= render "layouts/bizible"
#signin-container
- if any_form_based_providers_enabled?
......
- if bizible_enabled?
<!-- Bizible -->
= javascript_include_tag "https://cdn.bizible.com/scripts/bizible.js"
= javascript_tag nonce: content_security_policy_nonce do
:plain
const bizibleScript = document.createElement('script');
bizibleScript.src = 'https://cdn.bizible.com/scripts/bizible.js';
bizibleScript.nonce = '#{content_security_policy_nonce}'
bizibleScript.charset = 'UTF-8';
bizibleScript.defer = true;
document.head.appendChild(bizibleScript);
function OptanonWrapper() { }
......@@ -5,6 +5,7 @@
- content_for :page_specific_javascripts do
= render "layouts/google_tag_manager_head"
= render "layouts/one_trust"
= render "layouts/bizible"
= render "layouts/google_tag_manager_body"
.row.gl-flex-grow-1
......
- content_for :page_specific_javascripts do
= render "layouts/google_tag_manager_head"
= render "layouts/one_trust"
= render "layouts/bizible"
= render "layouts/google_tag_manager_body"
#js-terms-of-service{ data: { terms_data: terms_data(@term, @redirect) } }
......@@ -1332,6 +1332,9 @@ production: &base
## OneTrust
# one_trust_id: '_your_one_trust_id'
## Bizible.
# bizible: true
## Matomo analytics.
# matomo_url: '_your_matomo_url'
# matomo_site_id: '_your_matomo_site_id'
......
......@@ -4,6 +4,7 @@
# TODO: namespace https://gitlab.com/gitlab-org/gitlab/-/issues/338394
class TrialRegistrationsController < RegistrationsController
include OneTrustCSP
include BizibleCSP
layout 'minimal'
......
......@@ -3,6 +3,8 @@
- content_for :page_specific_javascripts do
= render "layouts/google_tag_manager_head"
= render "layouts/one_trust"
= render "layouts/bizible"
= render "layouts/google_tag_manager_body"
.row
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Bizible content security policy' do
before do
stub_config(extra: { one_trust_id: SecureRandom.uuid })
end
it 'has proper Content Security Policy headers' do
visit root_path
expect(response_headers['Content-Security-Policy']).to include('https://cdn.bizible.com/scripts/bizible.js')
end
end
# frozen_string_literal: true
require "spec_helper"
RSpec.describe BizibleHelper do
describe '#bizible_enabled?' do
before do
stub_config(extra: { bizible: SecureRandom.uuid })
end
context 'when bizible is disabled' do
before do
allow(helper).to receive(:bizible_enabled?).and_return(false)
end
it { is_expected.to be_falsey }
end
context 'when bizible is enabled' do
before do
allow(helper).to receive(:bizible_enabled?).and_return(true)
end
it { is_expected.to be_truthy }
end
subject(:bizible_enabled?) { helper.bizible_enabled? }
context 'with ecomm_instrumentation feature flag disabled' do
before do
stub_feature_flags(ecomm_instrumentation: false)
end
it { is_expected.to be_falsey }
end
context 'with ecomm_instrumentation feature flag enabled' do
context 'when no id is set' do
before do
stub_config(extra: {})
end
it { is_expected.to be_falsey }
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment