diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-22 03:09:26 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-22 03:09:26 +0300 |
commit | 4ab94bde3a2668f456b61bcb8e16780d141035cd (patch) | |
tree | c96824710b4d4841b8eadc56f619abe59c59a892 /doc/development/api_styleguide.md | |
parent | a8394884e257a9cc69090b97104749b590b064fe (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/development/api_styleguide.md')
-rw-r--r-- | doc/development/api_styleguide.md | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/development/api_styleguide.md b/doc/development/api_styleguide.md index 327f919d7f4..651332b4e62 100644 --- a/doc/development/api_styleguide.md +++ b/doc/development/api_styleguide.md @@ -173,7 +173,8 @@ guide on how you can add a new custom validator. validates the parameter value for different cases. Mainly, it checks whether a path is relative and does it contain `../../` relative traversal using `File::Separator` or not, and whether the path is absolute, for example - `/etc/passwd/`. + `/etc/passwd/`. By default, absolute paths are not allowed. However, you can optionally pass in an allowlist for allowed absolute paths in the following way: + `requires :file_path, type: String, file_path: { allowlist: ['/foo/bar/', '/home/foo/', '/app/home'] }` - `Git SHA`: |