Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-04-02 | Rename allow_private_networks to allow_local_network | Douwe Maan | |
2018-04-02 | Raise more descriptive errors when URLs are blocked | Douwe Maan | |
2018-04-02 | Adds validators and rack cookie helper | James Edwards-Jones | |
These changes are backported from EE, related to SAML settings in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4549 | |||
2018-03-22 | Add HTTPS-only pages | Rob Watson | |
Closes #28857 | |||
2018-03-21 | Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6' | Douwe Maan | |
Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337 | |||
2018-03-05 | Projects and groups badges API | Francisco Javier López | |
2018-02-23 | Skip variables duplicates validator if variable is already a duplicate | Matija Čupić | |
2018-02-15 | Improve validation message and add changelog | Kamil Trzciński | |
2018-02-14 | Refactor variable duplicates error message | Matija Čupić | |
2018-02-14 | Add more information in variable_duplicates validator error message | Matija Čupić | |
2018-02-13 | Refactor outer anonymous function into a do block | Matija Čupić | |
2018-02-13 | Disable public send cop in variables duplicates validator | Matija Čupić | |
2018-02-13 | Extend variables_duplicates validator with scope handling | Matija Čupić | |
2018-02-06 | Validate User username only on Namespace, and bubble up appropriately | Douwe Maan | |
2017-12-05 | Second iteration of Move Kubernetes from service to Cluster page | Filipa Lacerda | |
2017-11-16 | Adds Rubocop rule for line break after guard clause | Jacopo | |
Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses. | |||
2017-11-07 | Merge branch 'refactor-clusters' into 'master' | Grzegorz Bizon | |
Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform See merge request gitlab-org/gitlab-ce!14879 | |||
2017-11-06 | Reallow project paths ending in periods | Douwe Maan | |
2017-10-29 | specs for models. Improved details. | Shinya Maeda | |
2017-10-23 | This works | Shinya Maeda | |
2017-08-30 | Move the key restriction validation to its own class | Nick Thomas | |
2017-07-05 | Implement ayufan validator2 | Shinya Maeda | |
2017-07-05 | Implement ayufan validator | Shinya Maeda | |
2017-07-05 | Revert "Implement Ci::NestedUniquenessValidator" | Shinya Maeda | |
This reverts commit 8f0a2b6d780347a5ce258ac1a6a6902ce9695ca1. | |||
2017-07-05 | Implement Ci::NestedUniquenessValidator | Shinya Maeda | |
2017-07-05 | Implement uniqueness_of_in_memory_validator | Shinya Maeda | |
2017-06-21 | Rebuild the dynamic path before validating it | Bob Van Landuyt | |
Otherwise we won't validate updates to the path. Allowing users to change the path to something that's not allowed. | |||
2017-06-02 | Rename `Gitlab::Git::EncodingHelper` to `Gitlab::EncodingHelper` | Bob Van Landuyt | |
2017-05-30 | Avoid crash when trying to parse string with invalid UTF-8 sequence | Bob Van Landuyt | |
2017-05-24 | Revert "Remove changes that are not absolutely necessary" | Douwe Maan | |
This reverts commit b0498c176fa134761d899c9b369be12f1ca789c5 | |||
2017-05-24 | Remove changes that are not absolutely necessary | Douwe Maan | |
2017-05-24 | Fix ambiguous routing issues by teaching router about reserved words | Douwe Maan | |
2017-05-04 | Reject EE reserved namespace paths in CE as well | Bob Van Landuyt | |
2017-05-02 | Don't validate reserved words if the format doesn't match | Bob Van Landuyt | |
Because it also won't match the sophisticated format we have for detecting reserved names. We don't want to confuse the user with 2 error messages | |||
2017-05-02 | Update comments | Bob Van Landuyt | |
2017-05-02 | Update path validation & specs | Bob Van Landuyt | |
2017-05-02 | Reuse Gitlab::Regex.full_namespace_regex in the DynamicPathValidator | Bob Van Landuyt | |
2017-05-01 | Reject group-routes as names of child namespaces | Bob Van Landuyt | |
2017-05-01 | Reject paths following namespace for paths including 2 `*` | Bob Van Landuyt | |
Reject the part following `/*namespace_id/:project_id` for paths containing 2 wildcard parameters | |||
2017-05-01 | Allow `graphs` & `refs` project names | Bob Van Landuyt | |
2017-05-01 | Minor style adjustments | Bob Van Landuyt | |
2017-05-01 | Use `%r{}` regexes to avoid having to escape `/` | Bob Van Landuyt | |
2017-05-01 | The dynamic path validator can block out partial paths | Bob Van Landuyt | |
So we can block `objects` only when it is contained in `info/lfs` or `gitlab-lfs` | |||
2017-05-01 | Make path validation case-insensitive | Bob Van Landuyt | |
2017-05-01 | Reject `-` as a path | Bob Van Landuyt | |
2017-05-01 | Rename `NamespaceValidator` to `DynamicPathValidator` | Bob Van Landuyt | |
This reflects better that it validates paths instead of a namespace model | |||
2017-05-01 | Use the namespace validator for validating all paths | Bob Van Landuyt | |
Since the namespacevalidator now knows the difference between a top-level and another path, this could all be handled there. | |||
2017-05-01 | Check `has_parent?` for determining validation type | Bob Van Landuyt | |
2017-05-01 | Split off validating full paths | Bob Van Landuyt | |
The first part of a full path needs to be validated as a `top_level` while the rest need to be validated as `wildcard` | |||
2017-05-01 | Improve detection of reserved words from routes | Bob Van Landuyt | |