Age | Commit message (Collapse) | Author |
|
|
|
test: replace require.Equal with specialized assertions
See merge request gitlab-org/gitlab-pages!685
|
|
fix: validate that session was issued on the same host
See merge request gitlab-org/security/gitlab-pages!28
|
|
Currently, sessions are valid across all domains.
And our auth tokens are also valid for all pages projects
user has access to.
This means that cookie from one website can be reused on the
another.
Attackers can steal cookies in many different ways.
The easiest way would be to setup a validated custom domain,
then proxy all requests to pages server, but log the cookies.
Once you have a cookie for attackers domain, you can reuse it
on any other pages domain the target user has access to.
This commit saves current domain in the session and validates it
when reading the session.
Changelog: security
|
|
|
|
|
|
feat: add rate limits on the TLS connection level
See merge request gitlab-org/gitlab-pages!700
|
|
|
|
Changelog: added
|
|
refactor: Always set request timeout in tests
See merge request gitlab-org/gitlab-pages!699
|
|
|
|
|
|
|
|
test: replace tmpdir workaround with native T tmp
See merge request gitlab-org/gitlab-pages!598
|
|
test: cleanup gitlab server stub and stubOpts
See merge request gitlab-org/gitlab-pages!652
|
|
|
|
|
|
Changelog: added
|
|
Add rate limiting per domain name
See merge request gitlab-org/gitlab-pages!635
|
|
Changelog: added
|
|
Changelog: added
|
|
|
|
|
|
Changelog: added
|
|
|
|
refactor: remove FF_ENABLE_REDIRECTS feature flag
Closes #618
See merge request gitlab-org/gitlab-pages!582
|
|
test: add sha256 to mocked lookups and fix tests
See merge request gitlab-org/gitlab-pages!634
|
|
We want to add domain-based ratelimiter.
The logic will be identical, but we'll use host instead
of IP address.
|
|
|
|
|
|
and fix offences
|
|
test: refactor RunPagesProcess function to take functional arguments
Closes #79
See merge request gitlab-org/gitlab-pages!607
|
|
Related to https://gitlab.com/gitlab-org/gitlab-pages/-/issues/466
Changelog: added
|
|
Some parts of the application may be vulnerable to very long URIs being passed.
E.g. Auth will try to save URI to session cookie, and it will fails, which will result in 500 error
Changelog: fixed
|
|
|
|
remove GetCompressedPageFromListener, GetPageFromListenerWithCookie
and GetProxiedPageFromListener
|
|
|
|
test: rate limit with all listener types
|
|
It gets the source IP from `r.RemoteAddr` or from the `X-Forwarded-For`
header for proxied requests (when `--listen-proxy` is enabled).
The first iteration will only report logs and metrics when an IP is
being rate limited.
The rate limiter uses a Token Bucket approach using
golang.org/x/time/rate, which can be configured with the newly added
flags `rate-limit-source-ip` and `rate-limit-source-ip-burst`.
To enable the rate limiter, set `rate-limit-source-ip` to value > 1,
which is the number of requests per second to allow. It is enabled by
default in "dry-run" mode so requests won't be dropped until the
environment variable
`FF_ENABLE_RATE_LIMITER` is set to `"true"`.
See metrics.go for the newly added metrics.
Changelog: added
|
|
Remove gitlab-pages daemon
Closes #114 and #133
See merge request gitlab-org/gitlab-pages!542
|
|
|
|
We have now disabled chroot by default since %14.1, and
recently removed support for disk-based configuration
coming in %14.3. And we've also removed the chroot
completely from Pages.
Since nginx can do TCP proxying and there's no need to use
privileged ports, Pages has been confirmed to run as non-root
in k8s environment without any issues.
This MR removes support for the gitlab-pages daemon completely.
Changelog: removed
|
|
|
|
|
|
|
|
|
|
Changelog: removed
|
|
|
|
|
|
refactor: remove support for disk configuration source
Closes #103, #158, #68, and #382
See merge request gitlab-org/gitlab-pages!541
|