Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-06-02 | Rename `Gitlab::Git::EncodingHelper` to `Gitlab::EncodingHelper` | Bob Van Landuyt | |
2017-05-30 | Avoid crash when trying to parse string with invalid UTF-8 sequence | Bob Van Landuyt | |
2017-05-24 | Revert "Remove changes that are not absolutely necessary" | Douwe Maan | |
This reverts commit b0498c176fa134761d899c9b369be12f1ca789c5 | |||
2017-05-24 | Remove changes that are not absolutely necessary | Douwe Maan | |
2017-05-24 | Fix ambiguous routing issues by teaching router about reserved words | Douwe Maan | |
2017-05-04 | Reject EE reserved namespace paths in CE as well | Bob Van Landuyt | |
2017-05-02 | Don't validate reserved words if the format doesn't match | Bob Van Landuyt | |
Because it also won't match the sophisticated format we have for detecting reserved names. We don't want to confuse the user with 2 error messages | |||
2017-05-02 | Update comments | Bob Van Landuyt | |
2017-05-02 | Update path validation & specs | Bob Van Landuyt | |
2017-05-02 | Reuse Gitlab::Regex.full_namespace_regex in the DynamicPathValidator | Bob Van Landuyt | |
2017-05-01 | Reject group-routes as names of child namespaces | Bob Van Landuyt | |
2017-05-01 | Reject paths following namespace for paths including 2 `*` | Bob Van Landuyt | |
Reject the part following `/*namespace_id/:project_id` for paths containing 2 wildcard parameters | |||
2017-05-01 | Allow `graphs` & `refs` project names | Bob Van Landuyt | |
2017-05-01 | Minor style adjustments | Bob Van Landuyt | |
2017-05-01 | Use `%r{}` regexes to avoid having to escape `/` | Bob Van Landuyt | |
2017-05-01 | The dynamic path validator can block out partial paths | Bob Van Landuyt | |
So we can block `objects` only when it is contained in `info/lfs` or `gitlab-lfs` | |||
2017-05-01 | Make path validation case-insensitive | Bob Van Landuyt | |
2017-05-01 | Reject `-` as a path | Bob Van Landuyt | |
2017-05-01 | Rename `NamespaceValidator` to `DynamicPathValidator` | Bob Van Landuyt | |
This reflects better that it validates paths instead of a namespace model | |||
2017-05-01 | Use the namespace validator for validating all paths | Bob Van Landuyt | |
Since the namespacevalidator now knows the difference between a top-level and another path, this could all be handled there. | |||
2017-05-01 | Check `has_parent?` for determining validation type | Bob Van Landuyt | |
2017-05-01 | Split off validating full paths | Bob Van Landuyt | |
The first part of a full path needs to be validated as a `top_level` while the rest need to be validated as `wildcard` | |||
2017-05-01 | Improve detection of reserved words from routes | Bob Van Landuyt | |
2017-05-01 | Streamline the path validation in groups & projects | Bob Van Landuyt | |
`Project` uses `ProjectPathValidator` which is now a `NamespaceValidator` that skips the format validation. That way we're sure we are using the same collection of reserved paths. I updated the path constraints to reflect the changes: We now allow some values that are only used on a top level namespace as a name for a nested group/project. | |||
2017-05-01 | Add forbidden paths to the namespace validator | Bob Van Landuyt | |
2017-05-01 | Disallow some more namespaces | Bob Van Landuyt | |
These routes seem to be taken | |||
2017-04-06 | Rename cron_time_zone to cron_timezone. Separate add_concurrent_foreign_key. | Shinya Maeda | |
2017-04-06 | Separate cron_valid? and cron_time_zone_valid? | Shinya Maeda | |
2017-04-06 | Move Ci::CronParser to Gitlab::Ci::CronParser | Shinya Maeda | |
2017-04-06 | Add Import/Export Setting for trigger_schedule. Remove ref validation. | Shinya Maeda | |
2017-04-06 | Fix rubocop issues. Use add_concurrent_foreign_key. | Shinya Maeda | |
2017-04-06 | Add validator | Shinya Maeda | |
2017-03-21 | Merge branch 'ssrf' into 'security' | Douwe Maan | |
Protect server against SSRF in project import URLs See merge request !2068 | |||
2017-03-13 | Reserve few project and nested group paths | Dmitriy Zaporozhets | |
That have wildcard routes associated and not reserved yet: artifacts, graphs, badges and refs Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2017-03-07 | Restrict nested group names to prevent ambiguous routes | Dmitriy Zaporozhets | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2017-02-24 | Introduce DurationValidator, feedback: | Lin Jen-Shin | |
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9219#note_24032923 | |||
2017-02-23 | Enable Style/MutableConstant | Douwe Maan | |
2017-02-01 | Fix certificate validators | Kamil Trzcinski | |
2017-02-01 | Implement proper verification of certificate's public_key against the ↵ | Kamil Trzcinski | |
private_key | |||
2017-02-01 | Initial work on GitLab Pages update | Kamil Trzcinski | |
2017-01-06 | Whitelist next project names: assets, profile, public | Dmitriy Zaporozhets | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2016-12-21 | Whitelist next project names: notes, services | Dmitriy Zaporozhets | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2016-12-21 | Whitelist next project names: help, ci, admin, search | Dmitriy Zaporozhets | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2016-12-21 | Allow projects with dashboard as path | Dmitriy Zaporozhets | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2016-11-23 | Add nested groups support to the routing | Dmitriy Zaporozhets | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
2016-10-11 | Add `robots.txt` to the list of reserved namespaces | Nick Thomas | |
2016-09-29 | Add '.well-known' to the list of reserved namespaces | Robert Speicher | |
See https://gitlab.com/gitlab-org/gitlab-ce/issues/22759 | |||
2016-07-01 | refactor url validator to use sanitizer for check | James Lopez | |
2016-06-30 | few more changes from suggestions | James Lopez | |
2016-06-30 | few changes based on feedback | James Lopez | |