From 304e440f88a3eccba60bc1ba8f0be40d1f623bc4 Mon Sep 17 00:00:00 2001
From: kenkiku1021 <ken@nuasa.org>
Date: Tue, 15 Oct 2024 18:28:07 +0900
Subject: [PATCH] add SWIFT object storage uri to CSP media hosts (#32439)

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
---
 app/lib/content_security_policy.rb | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/lib/content_security_policy.rb b/app/lib/content_security_policy.rb
index 0b60b0d98c..c764d1856d 100644
--- a/app/lib/content_security_policy.rb
+++ b/app/lib/content_security_policy.rb
@@ -36,7 +36,7 @@ class ContentSecurityPolicy
   end
 
   def cdn_host_value
-    s3_alias_host || s3_cloudfront_host || azure_alias_host || s3_hostname_host
+    s3_alias_host || s3_cloudfront_host || azure_alias_host || s3_hostname_host || swift_object_url
   end
 
   def paperclip_root_url
@@ -72,6 +72,14 @@ class ContentSecurityPolicy
     host_to_url ENV.fetch('S3_HOSTNAME', nil)
   end
 
+  def swift_object_url
+    url = ENV.fetch('SWIFT_OBJECT_URL', nil)
+    return if url.blank? || !url.start_with?('https://')
+
+    url += '/' unless url.end_with?('/')
+    url
+  end
+
   def uri_from_configuration_and_string(host_string)
     Addressable::URI.parse("#{host_protocol}://#{host_string}").tap do |uri|
       uri.path += '/' unless uri.path.blank? || uri.path.end_with?('/')
-- 
GitLab