diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-02 03:09:14 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-02 03:09:14 +0300 |
commit | d8714cf67ce4db786b26b64f0f0bef50fb6976e6 (patch) | |
tree | 9a3cc1da29cb2a16113b6b8a1a48b82f368cbb22 /lib/gitlab/url_blocker.rb | |
parent | 3feea9b6078811d20b42548ba98272eeed5af9e4 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/url_blocker.rb')
-rw-r--r-- | lib/gitlab/url_blocker.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb index eece2c343d2..10822f943b6 100644 --- a/lib/gitlab/url_blocker.rb +++ b/lib/gitlab/url_blocker.rb @@ -49,10 +49,12 @@ module Gitlab return [uri, nil] unless address_info ip_address = ip_address(address_info) - return [uri, nil] if domain_allowed?(uri) || ip_allowed?(ip_address, port: get_port(uri)) + return [uri, nil] if domain_allowed?(uri) protected_uri_with_hostname = enforce_uri_hostname(ip_address, uri, dns_rebind_protection) + return protected_uri_with_hostname if ip_allowed?(ip_address, port: get_port(uri)) + # Allow url from the GitLab instance itself but only for the configured hostname and ports return protected_uri_with_hostname if internal?(uri) |