Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-09-02 01:56:42 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2020-09-02 01:56:42 +0300
commit05aac11ac90b9157ea39944abfcf6be3fd8f9fb9 (patch)
tree845215e22003e8f19a959bd526f3f5ef6ad81883 /app/services
parentd40003afdea391c2d1396f3ab6c78705fa6d2a79 (diff)
Add latest changes from gitlab-org/security/gitlab@13-3-stable-ee
Diffstat (limited to 'app/services')
-rw-r--r--app/services/projects/update_remote_mirror_service.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/services/projects/update_remote_mirror_service.rb b/app/services/projects/update_remote_mirror_service.rb
index fe2610f89fb..7961f689259 100644
--- a/app/services/projects/update_remote_mirror_service.rb
+++ b/app/services/projects/update_remote_mirror_service.rb
@@ -7,6 +7,10 @@ module Projects
def execute(remote_mirror, tries)
return success unless remote_mirror.enabled?
+ if Gitlab::UrlBlocker.blocked_url?(CGI.unescape(Gitlab::UrlSanitizer.sanitize(remote_mirror.url)))
+ return error("The remote mirror URL is invalid.")
+ end
+
update_mirror(remote_mirror)
success
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 11:13:43 +0300