Override hostname when connecting via Kubeclient

Kubeclient uses rest-client. We hack into to access the net/http object so that we can patch to connect to the resolved IP + set hostname_override. Add specs for discord. The discord integration also uses rest-client, so since we patched rest-client, spec that the DNS rebinding protection works
author: Thong Kuah <tkuah@gitlab.com> 2019-07-19 05:12:02 +0300
committer: Thong Kuah <tkuah@gitlab.com> 2019-08-21 05:27:47 +0300
commit: c3cdafdb7e520f2e8e205f87cf977dc8560f7a2a (patch)
tree: 600df8a9feee3c257aeee0b1eb5f14a1d4c6fc18 /changelogs
parent: 9d301fac4a129875f2eb31b04cedfa37f9dd932e (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-ssrf-kubernetes-dns.yml b/changelogs/unreleased/security-ssrf-kubernetes-dns.yml
new file mode 100644
index 00000000000..4d6335e4b08
--- /dev/null
+++ b/changelogs/unreleased/security-ssrf-kubernetes-dns.yml
@@ -0,0 +1,5 @@
+---
+title: Fix SSRF via DNS rebinding in Kubernetes Integration
+merge_request:
+author:
+type: security
author	Thong Kuah <tkuah@gitlab.com>	2019-07-19 05:12:02 +0300
committer	Thong Kuah <tkuah@gitlab.com>	2019-08-21 05:27:47 +0300
commit	c3cdafdb7e520f2e8e205f87cf977dc8560f7a2a (patch)
tree	600df8a9feee3c257aeee0b1eb5f14a1d4c6fc18 /changelogs
parent	9d301fac4a129875f2eb31b04cedfa37f9dd932e (diff)