blob: 532196157b7379e17293e3e74cc2538aeed563fc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
# frozen_string_literal: true
module ExternalRedirect
class ExternalRedirectController < ApplicationController
feature_category :navigation
skip_before_action :authenticate_user!
before_action :check_url_param
def index
if known_url?
redirect_to url_param
else
render layout: 'fullscreen', locals: {
minimal: true,
url: url_param
}
end
end
private
def url_param
params['url']&.strip
end
def known_url?
uri_data = Addressable::URI.parse(url_param)
uri_data.site == Gitlab.config.gitlab.url
end
def check_url_param
render_404 unless ::Gitlab::UrlSanitizer.valid_web?(url_param)
end
end
end
|