diff options
author | Stan Hu <stanhu@gmail.com> | 2019-03-19 20:02:17 +0300 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2019-03-19 21:23:51 +0300 |
commit | d165754400cd68f116babc1b0f50cf6109e85009 (patch) | |
tree | 3f7b9a1d30d072a102657fa78b46b188f88d0fd1 /changelogs/unreleased/sh-reject-info-refs-head-requests.yml | |
parent | 934253c9475a2f2d8a562bcc6bbb8a5f52efa713 (diff) |
Reject HEAD requests to info/refs endpoint
In production, we see high error rates due to clients attempting to use
the dumb Git HTTP protocol with HEAD /foo/bar.git/info/refs
endpoint. This isn't supported and causes Error 500s because Workhorse
doesn't send along its secret because it's not proxying this request.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54579
Diffstat (limited to 'changelogs/unreleased/sh-reject-info-refs-head-requests.yml')
-rw-r--r-- | changelogs/unreleased/sh-reject-info-refs-head-requests.yml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/sh-reject-info-refs-head-requests.yml b/changelogs/unreleased/sh-reject-info-refs-head-requests.yml new file mode 100644 index 00000000000..0dca18e2fd8 --- /dev/null +++ b/changelogs/unreleased/sh-reject-info-refs-head-requests.yml @@ -0,0 +1,5 @@ +--- +title: Reject HEAD requests to info/refs endpoint +merge_request: 26334 +author: +type: fixed |