diff options
| author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-10-24 21:53:21 +0300 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-10-24 21:53:21 +0300 |
| commit | b3490cf1f8e87fc8955341ff2492d72836b4ee35 (patch) | |
| tree | 7a425dd23203e476d26ad3e8bd35ef39e58c5c27 /app | |
| parent | c9bcf8fc693c82000181b314f7d0240747e62d02 (diff) | |
| parent | 4b38003d412c6982041c5c3b204d38ed7f53e299 (diff) | |
Merge branch 'security-open-redirect-internalredirect-12-4' into '12-4-stable'
Use the '\A' and '\z' regex anchors in `InternalRedirect` to mitigate an Open Redirect issue.
See merge request gitlab/gitlabhq!3488
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/concerns/internal_redirect.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/concerns/internal_redirect.rb b/app/controllers/concerns/internal_redirect.rb index 99bbfd56516..a35bc19aa37 100644 --- a/app/controllers/concerns/internal_redirect.rb +++ b/app/controllers/concerns/internal_redirect.rb @@ -6,7 +6,7 @@ module InternalRedirect def safe_redirect_path(path) return unless path # Verify that the string starts with a `/` and a known route character. - return unless path =~ %r{^/[-\w].*$} + return unless path =~ %r{\A/[-\w].*\z} uri = URI(path) # Ignore anything path of the redirect except for the path, querystring and, |