diff --git a/lib/csp.js b/lib/csp.js
index 82573beaf..dc3706e2a 100644
--- a/lib/csp.js
+++ b/lib/csp.js
@@ -50,6 +50,10 @@ const allowPDFEmbedDirectives = {
   frameSrc: ['*'] // Chrome also checks PDFs against frame-src
 }
 
+const configuredGitLabInstanceDirectives = {
+  connectSrc: [config.gitlab.baseURL]
+}
+
 CspStrategy.computeDirectives = function () {
   const directives = {}
   mergeDirectives(directives, config.csp.directives)
@@ -59,6 +63,7 @@ CspStrategy.computeDirectives = function () {
   mergeDirectivesIf(config.dropbox.appKey, directives, dropboxDirectives)
   mergeDirectivesIf(!config.csp.allowFraming, directives, disallowFramingDirectives)
   mergeDirectivesIf(config.csp.allowPDFEmbed, directives, allowPDFEmbedDirectives)
+  mergeDirectivesIf(config.isGitlabSnippetsEnable, directives, configuredGitLabInstanceDirectives)
   addInlineScriptExceptions(directives)
   addUpgradeUnsafeRequestsOptionTo(directives)
   addReportURI(directives)
diff --git a/lib/response.js b/lib/response.js
index 44696a55f..f6bb6efd6 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -156,9 +156,13 @@ function gitlabActionProjects (req, res, note) {
       if (!user) {
         return errors.errorNotFound(res)
       }
-      const ret = { baseURL: config.gitlab.baseURL, version: config.gitlab.version }
-      ret.accesstoken = user.accessToken
-      ret.profileid = user.profileid
+      const ret = {
+        baseURL: config.gitlab.baseURL,
+        version: config.gitlab.version,
+        accesstoken: user.accessToken,
+        profileid: user.profileid,
+        projects: []
+      }
       const apiUrl = `${config.gitlab.baseURL}/api/${config.gitlab.version}/projects?membership=yes&per_page=100&access_token=${user.accessToken}`
       fetch(apiUrl).then(resp => {
         if (!resp.ok) {
diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md
index a6cc80720..e31a33789 100644
--- a/public/docs/release-notes.md
+++ b/public/docs/release-notes.md
@@ -6,6 +6,7 @@
 - Fix error that Libravatar user avatars were not shown when using OAuth2 login
 - Fix `bin/manage_users` not accepting numeric passwords (thanks to [@carr0t2](https://github.com/carr0t2) for reporting)
 - Fix visibility of modals for screen readers
+- Fix GitLab snippet export (thanks to [@semjongeist](https://github.com/semjongeist) for reporting)
 - Fix missing inline authorship colors (thanks to [@EBendinelli](https://github.com/EBendinelli) for reporting)
 
 ### Enhancements
diff --git a/public/js/index.js b/public/js/index.js
index de2a35221..763093805 100644
--- a/public/js/index.js
+++ b/public/js/index.js
@@ -1921,9 +1921,12 @@ $('#snippetExportModalConfirm').click(function () {
 
   const data = {
     title: $('#snippetExportModalTitle').val(),
-    file_name: $('#snippetExportModalFileName').val(),
-    code: editor.getValue(),
-    visibility_level: $('#snippetExportModalVisibility').val(),
+    files: [
+      {
+        file_path: $('#snippetExportModalFileName').val(),
+        content: editor.getValue()
+      }
+    ],
     visibility:
       $('#snippetExportModalVisibility').val() === '0'
         ? 'private'
@@ -1934,40 +1937,27 @@ $('#snippetExportModalConfirm').click(function () {
 
   if (
     !data.title ||
-    !data.file_name ||
-    !data.code ||
-    !data.visibility_level ||
+    !data.files[0].file_path ||
+    !data.files[0].content ||
     !$('#snippetExportModalProjects').val()
   ) { return }
   $('#snippetExportModalLoading').show()
-  const fullURL =
-    baseURL +
-    '/api/' +
-    version +
-    '/projects/' +
-    $('#snippetExportModalProjects').val() +
-    '/snippets?access_token=' +
-    accesstoken
-  $.post(fullURL, data, function (ret) {
-    $('#snippetExportModalLoading').hide()
-    $('#snippetExportModal').modal('hide')
-    const redirect =
-      baseURL +
-      '/' +
-      $(
-        "#snippetExportModalProjects option[value='" +
-          $('#snippetExportModalProjects').val() +
-          "']"
-      ).text() +
-      '/snippets/' +
-      ret.id
-    showMessageModal(
-      '<i class="fa fa-gitlab"></i> Export to Snippet',
-      'Export Successful!',
-      redirect,
-      'View Snippet Here',
-      true
-    )
+  const fullURL = `${baseURL}/api/${version}/projects/${$('#snippetExportModalProjects').val()}/snippets?access_token=${accesstoken}`
+  $.ajax(fullURL, {
+    data: JSON.stringify(data),
+    contentType: 'application/json',
+    type: 'POST',
+    success: function (ret) {
+      $('#snippetExportModalLoading').hide()
+      $('#snippetExportModal').modal('hide')
+      showMessageModal(
+        '<i class="fa fa-gitlab"></i> Export to Snippet',
+        'Export Successful!',
+        ret.web_url,
+        'View Snippet Here',
+        true
+      )
+    }
   })
 })
 
diff --git a/test/csp.js b/test/csp.js
index a1edc9e95..afb959264 100644
--- a/test/csp.js
+++ b/test/csp.js
@@ -29,6 +29,9 @@ describe('Content security policies', function () {
       },
       dropbox: {
         appKey: undefined
+      },
+      gitlab: {
+        baseURL: undefined
       }
     }
   })