Merge branch 'sh-block-other-localhost-11-3' into 'security-11-3'

[11.3] Prevent SSRF attacks in HipChat integration See merge request gitlab/gitlabhq!2548
author: Thiago Presa <tpresa@gitlab.com> 2018-10-23 05:20:26 +0300
committer: Thiago Presa <tpresa@gitlab.com> 2018-10-25 03:38:43 +0300
commit: 5bc0403f4516faff376b9d2de54ebb7cf2747aa1 (patch)
tree: 59ba5fa7b5ecd494b8553466fe56dbb7ed4a7bbe /config
parent: 3c1fdf6b5fd478d395b13b3b40ab3d1de20ed7e1 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/config/initializers/hipchat_client_patch.rb b/config/initializers/hipchat_client_patch.rb
new file mode 100644
index 00000000000..aec265312bb
--- /dev/null
+++ b/config/initializers/hipchat_client_patch.rb
@@ -0,0 +1,14 @@
+# This monkey patches the HTTParty used in https://github.com/hipchat/hipchat-rb.
+module HipChat
+  class Client
+    connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter
+  end
+
+  class Room
+    connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter
+  end
+
+  class User
+    connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter
+  end
+end
author	Thiago Presa <tpresa@gitlab.com>	2018-10-23 05:20:26 +0300
committer	Thiago Presa <tpresa@gitlab.com>	2018-10-25 03:38:43 +0300
commit	5bc0403f4516faff376b9d2de54ebb7cf2747aa1 (patch)
tree	59ba5fa7b5ecd494b8553466fe56dbb7ed4a7bbe /config
parent	3c1fdf6b5fd478d395b13b3b40ab3d1de20ed7e1 (diff)