diff options
Diffstat (limited to 'app/services/import/gitlab_projects/create_project_from_remote_file_service.rb')
-rw-r--r-- | app/services/import/gitlab_projects/create_project_from_remote_file_service.rb | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/app/services/import/gitlab_projects/create_project_from_remote_file_service.rb b/app/services/import/gitlab_projects/create_project_from_remote_file_service.rb index bbfdaf692f9..edb9dc8ad91 100644 --- a/app/services/import/gitlab_projects/create_project_from_remote_file_service.rb +++ b/app/services/import/gitlab_projects/create_project_from_remote_file_service.rb @@ -4,7 +4,10 @@ module Import module GitlabProjects class CreateProjectFromRemoteFileService < CreateProjectFromUploadedFileService FILE_SIZE_LIMIT = 10.gigabytes - ALLOWED_CONTENT_TYPES = ['application/gzip'].freeze + ALLOWED_CONTENT_TYPES = [ + 'application/gzip', # most common content-type when fetching a tar.gz + 'application/x-tar' # aws-s3 uses x-tar for tar.gz files + ].freeze validate :valid_remote_import_url? validate :validate_file_size @@ -44,17 +47,27 @@ module Import end def validate_content_type + # AWS-S3 presigned URLs don't respond to HTTP HEAD requests, + # so file type cannot be validated + # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/75170#note_748059103 + return if amazon_s3? + if headers['content-type'].blank? errors.add(:base, "Missing 'ContentType' header") elsif !ALLOWED_CONTENT_TYPES.include?(headers['content-type']) errors.add(:base, "Remote file content type '%{content_type}' not allowed. (Allowed content types: %{allowed})" % { content_type: headers['content-type'], - allowed: ALLOWED_CONTENT_TYPES.join(',') + allowed: ALLOWED_CONTENT_TYPES.join(', ') }) end end def validate_file_size + # AWS-S3 presigned URLs don't respond to HTTP HEAD requests, + # so file size cannot be validated + # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/75170#note_748059103 + return if amazon_s3? + if headers['content-length'].to_i == 0 errors.add(:base, "Missing 'ContentLength' header") elsif headers['content-length'].to_i > FILE_SIZE_LIMIT @@ -64,6 +77,10 @@ module Import end end + def amazon_s3? + headers['Server'] == 'AmazonS3' && headers['x-amz-request-id'].present? + end + def headers return {} if params[:remote_import_url].blank? || !valid_remote_import_url? |