diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-11 00:16:16 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-11 00:16:16 +0300 |
commit | cdcfa7dc144c949663a02c988994798d894c3a7c (patch) | |
tree | 5e444a2da1f3d727e13c4e4022980f3fbc3b5009 /app/controllers | |
parent | 93b1f84ccb7c18fa6991fb950d54d4c9b6511b6c (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/external_redirect/external_redirect_controller.rb | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/app/controllers/external_redirect/external_redirect_controller.rb b/app/controllers/external_redirect/external_redirect_controller.rb new file mode 100644 index 00000000000..532196157b7 --- /dev/null +++ b/app/controllers/external_redirect/external_redirect_controller.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +module ExternalRedirect + class ExternalRedirectController < ApplicationController + feature_category :navigation + skip_before_action :authenticate_user! + before_action :check_url_param + + def index + if known_url? + redirect_to url_param + else + render layout: 'fullscreen', locals: { + minimal: true, + url: url_param + } + end + end + + private + + def url_param + params['url']&.strip + end + + def known_url? + uri_data = Addressable::URI.parse(url_param) + + uri_data.site == Gitlab.config.gitlab.url + end + + def check_url_param + render_404 unless ::Gitlab::UrlSanitizer.valid_web?(url_param) + end + end +end |