Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/changelogs/unreleased/sh-reject-info-refs-head-requests.yml
diff options
context:
space:
mode:
authorStan Hu <stanhu@gmail.com>2019-03-19 20:02:17 +0300
committerStan Hu <stanhu@gmail.com>2019-03-19 21:23:51 +0300
commitd165754400cd68f116babc1b0f50cf6109e85009 (patch)
tree3f7b9a1d30d072a102657fa78b46b188f88d0fd1 /changelogs/unreleased/sh-reject-info-refs-head-requests.yml
parent934253c9475a2f2d8a562bcc6bbb8a5f52efa713 (diff)
Reject HEAD requests to info/refs endpoint
In production, we see high error rates due to clients attempting to use the dumb Git HTTP protocol with HEAD /foo/bar.git/info/refs endpoint. This isn't supported and causes Error 500s because Workhorse doesn't send along its secret because it's not proxying this request. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54579
Diffstat (limited to 'changelogs/unreleased/sh-reject-info-refs-head-requests.yml')
-rw-r--r--changelogs/unreleased/sh-reject-info-refs-head-requests.yml5
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/sh-reject-info-refs-head-requests.yml b/changelogs/unreleased/sh-reject-info-refs-head-requests.yml
new file mode 100644
index 00000000000..0dca18e2fd8
--- /dev/null
+++ b/changelogs/unreleased/sh-reject-info-refs-head-requests.yml
@@ -0,0 +1,5 @@
+---
+title: Reject HEAD requests to info/refs endpoint
+merge_request: 26334
+author:
+type: fixed
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 00:20:34 +0300