diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-01 12:01:19 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-01 12:01:47 +0300 |
| commit | 8d628223c41aabc9d42af95cce1193becffa1b0f (patch) | |
| tree | 9e352a20e7179861431cd7cfc3c45fe5d87bfb49 /lib | |
| parent | 33844e18d2b83dec384549802e4efb20ae964223 (diff) | |
Add latest changes from gitlab-org/security/gitlab@13-8-stable-ee
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/url_blocker.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb index eece2c343d2..10822f943b6 100644 --- a/lib/gitlab/url_blocker.rb +++ b/lib/gitlab/url_blocker.rb @@ -49,10 +49,12 @@ module Gitlab return [uri, nil] unless address_info ip_address = ip_address(address_info) - return [uri, nil] if domain_allowed?(uri) || ip_allowed?(ip_address, port: get_port(uri)) + return [uri, nil] if domain_allowed?(uri) protected_uri_with_hostname = enforce_uri_hostname(ip_address, uri, dns_rebind_protection) + return protected_uri_with_hostname if ip_allowed?(ip_address, port: get_port(uri)) + # Allow url from the GitLab instance itself but only for the configured hostname and ports return protected_uri_with_hostname if internal?(uri) |