diff options
author | Francisco Javier López <fjlopez@gitlab.com> | 2018-06-01 14:43:53 +0300 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-06-01 14:43:53 +0300 |
commit | 840f80d48b7d8363f171f6137cd9f1fbafb52bfc (patch) | |
tree | 612c6f9b846f9f2f3b44931db12557024c49ef66 /app/models/project_services/jira_service.rb | |
parent | e206e32881e4fbfcbe647d7b2ee713c99ef1bf99 (diff) |
Add validation to webhook and service URLs to ensure they are not blocked because of SSRF
Diffstat (limited to 'app/models/project_services/jira_service.rb')
-rw-r--r-- | app/models/project_services/jira_service.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/models/project_services/jira_service.rb b/app/models/project_services/jira_service.rb index ed4bbfb6cfc..eb3261c902f 100644 --- a/app/models/project_services/jira_service.rb +++ b/app/models/project_services/jira_service.rb @@ -3,8 +3,8 @@ class JiraService < IssueTrackerService include ApplicationHelper include ActionView::Helpers::AssetUrlHelper - validates :url, url: true, presence: true, if: :activated? - validates :api_url, url: true, allow_blank: true + validates :url, public_url: true, presence: true, if: :activated? + validates :api_url, public_url: true, allow_blank: true validates :username, presence: true, if: :activated? validates :password, presence: true, if: :activated? |