Diffstat (limited to 'lib/gitlab/middleware')
-rw-r--r-- | lib/gitlab/middleware/compressed_json.rb | 66 | ||||
-rw-r--r-- | lib/gitlab/middleware/go.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/middleware/query_analyzer.rb | 15 | ||||
-rw-r--r-- | lib/gitlab/middleware/release_env.rb | 3 |
4 files changed, 86 insertions, 0 deletions
diff --git a/lib/gitlab/middleware/compressed_json.rb b/lib/gitlab/middleware/compressed_json.rb
new file mode 100644
index 00000000000..ef6e0db5673
--- /dev/null
+++ b/lib/gitlab/middleware/compressed_json.rb
@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Middleware
+ class CompressedJson
+ COLLECTOR_PATH = '/api/v4/error_tracking/collector'
+ MAXIMUM_BODY_SIZE = 200.kilobytes.to_i
+
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ if compressed_et_request?(env)
+ input = extract(env['rack.input'])
+
+ if input.length > MAXIMUM_BODY_SIZE
+ return too_large
+ end
+
+ env.delete('HTTP_CONTENT_ENCODING')
+ env['CONTENT_LENGTH'] = input.length
+ env['rack.input'] = StringIO.new(input)
+ end
+
+ @app.call(env)
+ end
+
+ def compressed_et_request?(env)
+ post_request?(env) &&
+ gzip_encoding?(env) &&
+ match_content_type?(env) &&
+ match_path?(env)
+ end
+
+ def too_large
+ [413, { 'Content-Type' => 'text/plain' }, ['Payload Too Large']]
+ end
+
+ def relative_url
+ File.join('', Gitlab.config.gitlab.relative_url_root).chomp('/')
+ end
+
+ def extract(input)
+ Zlib::GzipReader.new(input).read(MAXIMUM_BODY_SIZE + 1)
+ end
+
+ def post_request?(env)
+ env['REQUEST_METHOD'] == 'POST'
+ end
+
+ def gzip_encoding?(env)
+ env['HTTP_CONTENT_ENCODING'] == 'gzip'
+ end
+
+ def match_content_type?(env)
+ env['CONTENT_TYPE'] == 'application/json' ||
+ env['CONTENT_TYPE'] == 'application/x-sentry-envelope'
+ end
+
+ def match_path?(env)
+ env['PATH_INFO'].start_with?((File.join(relative_url, COLLECTOR_PATH)))
+ end
+ end
+ end
+end
diff --git a/lib/gitlab/middleware/go.rb b/lib/gitlab/middleware/go.rb
index a1a0356ff58..bfa4e4cf5f8 100644
--- a/lib/gitlab/middleware/go.rb
+++ b/lib/gitlab/middleware/go.rb
@@ -27,6 +27,8 @@ module Gitlab
 path: request.fullpath
 )
 Rack::Response.new('', 403).finish
+ rescue Gitlab::Auth::MissingPersonalAccessTokenError
+ Rack::Response.new('', 401).finish
 end
 
 private
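Review bot: In `call` of compressed_json.rb, `extract` runs on a client-supplied body with no error handling, so a request labelled `gzip` whose body is not valid gzip raises from `Zlib::GzipReader` and surfaces as an unhandled exception instead of a 4xx. `GzipReader#read` with a length argument may also return `nil` for an empty stream, which would make `input.length` raise; that is worth pinning with a spec. I would add `rescue Zlib::Error` in `call` and return a 400 built the same way as `too_large`, and reject or normalise a `nil` read before the size check. The bounded `read(MAXIMUM_BODY_SIZE + 1)` is the right guard against decompression bombs and deserves a one-line comment, since the `+ 1` is what lets the `>` comparison fire without inflating the whole payload. Separately, Rack expects CGI-style keys to hold Strings, so `env['CONTENT_LENGTH'] = input.length.to_s` would be safer.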
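Review bot: The new `rescue Gitlab::Auth::MissingPersonalAccessTokenError` branch in go.rb returns a bare 401 with no `WWW-Authenticate` header, which RFC 7235 requires on a 401 response. It also records nothing, whereas the branch just above it appears to log the request (the visible `path: request.fullpath` argument) before returning 403. If the Go client is expected to retry with credentials, consider `Rack::Response.new('', 401, 'WWW-Authenticate' => 'Basic realm="<REALM>"').finish`, with the scheme and realm confirmed against what the endpoint actually accepts. A log line mirroring the 403 branch would also make repeated unauthenticated attempts visible. The enclosing method starts outside this hunk, so any existing logging or header handling further up is not visible here.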
diff --git a/lib/gitlab/middleware/query_analyzer.rb b/lib/gitlab/middleware/query_analyzer.rb
new file mode 100644
index 00000000000..8d63c644a69
--- /dev/null
+++ b/lib/gitlab/middleware/query_analyzer.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Middleware
+ class QueryAnalyzer
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ ::Gitlab::Database::QueryAnalyzer.instance.within { @app.call(env) }
+ end
+ end
+ end
+end
diff --git a/lib/gitlab/middleware/release_env.rb b/lib/gitlab/middleware/release_env.rb
index 0719fb2e8c6..2439e873e0b 100644
--- a/lib/gitlab/middleware/release_env.rb
+++ b/lib/gitlab/middleware/release_env.rb
@@ -1,3 +1,4 @@
+# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab
@@ -14,3 +15,5 @@ module Gitlab
 end
 end
 end
+
+# rubocop:enable Naming/FileName
|
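Review bot: The new `QueryAnalyzer` middleware in query_analyzer.rb has no class comment, so it is unclear what wrapping the whole downstream stack in `within` is meant to guarantee or where the middleware must sit in the stack. A short comment above the class would help, for example `# Wraps each request in Gitlab::Database::QueryAnalyzer#within; must be mounted before any middleware that issues queries`, with the ordering claim confirmed against the initializer that registers it. It would also be worth stating whether `within` is expected to propagate exceptions raised by `@app.call(env)` unchanged, since its implementation is not visible in this diff.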