diff options
author | Douwe Maan <douwe@gitlab.com> | 2018-03-14 01:38:25 +0300 |
---|---|---|
committer | Mark Fletcher <mark@gitlab.com> | 2018-03-21 17:39:21 +0300 |
commit | 95ced3bb5fa52e166aa03ee592f63180601cbde7 (patch) | |
tree | 8e75e6ccf9a443ba004b11891b84518fd7cfe884 /app/services/submit_usage_ping_service.rb | |
parent | 30c480c2b3f4709f592d8b095f8653df940f6845 (diff) |
Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6'
Server Side Request Forgery in Services and Web Hooks
See merge request gitlab/gitlabhq!2337
Diffstat (limited to 'app/services/submit_usage_ping_service.rb')
-rw-r--r-- | app/services/submit_usage_ping_service.rb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/app/services/submit_usage_ping_service.rb b/app/services/submit_usage_ping_service.rb index 2623f253d98..ac029fad7ea 100644 --- a/app/services/submit_usage_ping_service.rb +++ b/app/services/submit_usage_ping_service.rb @@ -14,16 +14,17 @@ class SubmitUsagePingService def execute return false unless Gitlab::CurrentSettings.usage_ping_enabled? - response = HTTParty.post( + response = Gitlab::HTTP.post( URL, body: Gitlab::UsageData.to_json(force_refresh: true), + allow_local_requests: true, headers: { 'Content-type' => 'application/json' } ) store_metrics(response) true - rescue HTTParty::Error => e + rescue Gitlab::HTTP::Error => e Rails.logger.info "Unable to contact GitLab, Inc.: #{e}" false |