
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
author GitLab Bot <gitlab-bot@gitlab.com> 2023-11-22 00:14:46 +0300
committer GitLab Bot <gitlab-bot@gitlab.com> 2023-11-22 00:14:46 +0300
commit a3e6d34643e760d1a8b8bd1e7e32d8d74c1ea678 (patch)
tree 1228f600e98bfe626c313ffa61a60a4b7d162426 /doc/development/secure_coding_guidelines.md
parent d5ff0674315196e88f48dc0838486b44cd005628 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/development/secure_coding_guidelines.md')
-rw-r--r-- doc/development/secure_coding_guidelines.md 36
1 files changed, 34 insertions, 2 deletions
diff --git a/doc/development/secure_coding_guidelines.md b/doc/development/secure_coding_guidelines.md
index 946826e72da..17cda7ca1d3 100644
--- a/doc/development/secure_coding_guidelines.md
+++ b/doc/development/secure_coding_guidelines.md
@@ -1495,11 +1495,43 @@ Logging helps track events for debugging. Logging also allows the application to
- An audit trail for log edits must be available.
- To avoid data loss, logs must be saved on different storage.
-### Who to contact if you have questions
+## URL Spoofing
+
+We want to protect our users from bad actors who might try to use GitLab
+features to redirect other users to malicious sites.
+
+Many features in GitLab allow users to post links to external websites. It is
+important that the destination of any user-specified link is made very clear
+to the user.
+
+### `external_redirect_path`
+
+When presenting links provided by users, if the actual URL is hidden, use the `external_redirect_path`
+helper method to redirect the user to a warning page first. For example:
+
+```ruby
+# Bad :(
+# This URL comes from User-Land and may not be safe...
+# We need the user to *see* where they are going.
+link_to foo_social_url(@user), title: "Foo Social" do
+ sprite_icon('question-o')
+end
+
+# Good :)
+# The external_redirect "leaving GitLab" page will show the URL to the user
+# before they leave.
+link_to external_redirect_path(url: foo_social_url(@user)), title: "Foo" do
+ sprite_icon('question-o')
+end
+```
+
+Also see this [real-life usage](https://gitlab.com/gitlab-org/gitlab/-/blob/bdba5446903ff634fb12ba695b2de99b6d6881b5/app/helpers/application_helper.rb#L378) as an example.
+
+## Who to contact if you have questions
For general guidance, contact the [Application Security](https://about.gitlab.com/handbook/security/security-engineering/application-security/) team.
-### Related topics
+## Related topics
- [Log system in GitLab](../administration/logs/index.md)
- [Audit event development guidelines](../development/audit_event_guide/index.md))
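Review bot: the "Good" example still hides the destination behind an icon (`sprite_icon('question-o')`), so the interstitial is the only place the user ever sees the URL, yet the body text under "### `external_redirect_path`" never says what that warning page displays; only the code comment ("will show the URL to the user before they leave") does. Suggest moving that statement into the prose, together with a line that the helper is for links whose destination cannot be shown inline and is not a replacement for making the destination clear where the layout allows it, which is the rule the section opens with. Two smaller points in the same block: the `title:` attribute changes from `"Foo Social"` in the bad example to `"Foo"` in the good one, which reads as an accidental difference rather than part of the lesson, so keep it identical; and the unchanged Related topics context line `- [Audit event development guidelines](../development/audit_event_guide/index.md))` carries a stray second `)` that could be fixed in passing.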