1 files changed, 38 insertions, 0 deletions

diff --git a/lib/gitlab/url_blockers/url_whitelist.rb b/lib/gitlab/url_blockers/url_whitelist.rb
new file mode 100644
index 00000000000..522013db676
--- /dev/null
+++ b/lib/gitlab/url_blockers/url_whitelist.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module UrlBlockers
+    class UrlWhitelist
+      class << self
+        def ip_whitelisted?(ip_string)
+          ip_whitelist, _ = outbound_local_requests_whitelist_arrays
+          ip_obj = Gitlab::Utils.string_to_ip_object(ip_string)
+
+          ip_whitelist.any? { |ip| ip.include?(ip_obj) }
+        end
+
+        def domain_whitelisted?(domain_string)
+          _, domain_whitelist = outbound_local_requests_whitelist_arrays
+
+          domain_whitelist.include?(domain_string)
+        end
+
+        private
+
+        attr_reader :ip_whitelist, :domain_whitelist
+
+        # We cannot use Gitlab::CurrentSettings as ApplicationSetting itself
+        # calls this class. This ends up in a cycle where
+        # Gitlab::CurrentSettings creates an ApplicationSetting which then
+        # calls this method.
+        #
+        # See https://gitlab.com/gitlab-org/gitlab-ee/issues/9833
+        def outbound_local_requests_whitelist_arrays
+          return [[], []] unless ApplicationSetting.current
+
+          ApplicationSetting.current.outbound_local_requests_whitelist_arrays
+        end
+      end
+    end
+  end
+end