diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-12-20 16:37:47 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-12-20 16:37:47 +0300 |
commit | aee0a117a889461ce8ced6fcf73207fe017f1d99 (patch) | |
tree | 891d9ef189227a8445d83f35c1b0fc99573f4380 /app/services/protected_branches | |
parent | 8d46af3258650d305f53b819eabf7ab18d22f59e (diff) |
Add latest changes from gitlab-org/gitlab@14-6-stable-eev14.6.0-rc42
Diffstat (limited to 'app/services/protected_branches')
-rw-r--r-- | app/services/protected_branches/base_service.rb | 17 |
1 files changed, 5 insertions, 12 deletions
diff --git a/app/services/protected_branches/base_service.rb b/app/services/protected_branches/base_service.rb index df801311aaf..1ab3ccfcaae 100644 --- a/app/services/protected_branches/base_service.rb +++ b/app/services/protected_branches/base_service.rb @@ -2,6 +2,8 @@ module ProtectedBranches class BaseService < ::BaseService + include ProtectedRefNameSanitizer + # current_user - The user that performs the action # params - A hash of parameters def initialize(project, current_user = nil, params = {}) @@ -14,22 +16,13 @@ module ProtectedBranches # overridden in EE::ProtectedBranches module end + private + def filtered_params return unless params - params[:name] = sanitize_branch_name(params[:name]) if params[:name].present? + params[:name] = sanitize_name(params[:name]) if params[:name].present? params end - - private - - def sanitize_branch_name(name) - name = CGI.unescapeHTML(name) - name = Sanitize.fragment(name) - - # Sanitize.fragment escapes HTML chars, so unescape again to allow names - # like `feature->master` - CGI.unescapeHTML(name) - end end end |