Only redirect to homepage url when its not the root url
It was possible to create an infi redirect when the user set up the `home_page_url` to redirect to the main URL of the gitlab instance. This fix makes sure this redirect is not possible. Fixes !1020 Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
This commit is contained in:
Jeroen van Baarsen
parent
be0631e1cd
commit
2dec5ec990
|
|
@ -59,13 +59,8 @@ class ApplicationController < ActionController::Base
|
|||
end
|
||||
|
||||
def authenticate_user!(*args)
|
||||
# If user is not signed-in and tries to access root_path - redirect him to landing page
|
||||
# Don't redirect to the default URL to prevent endless redirections
|
||||
if current_application_settings.home_page_url.present? &&
|
||||
current_application_settings.home_page_url.chomp('/') != Gitlab.config.gitlab['url'].chomp('/')
|
||||
if current_user.nil? && root_path == request.path
|
||||
redirect_to current_application_settings.home_page_url and return
|
||||
end
|
||||
if redirect_to_home_page_url?
|
||||
redirect_to current_application_settings.home_page_url and return
|
||||
end
|
||||
|
||||
super(*args)
|
||||
|
|
@ -346,4 +341,17 @@ class ApplicationController < ActionController::Base
|
|||
def git_import_enabled?
|
||||
current_application_settings.import_sources.include?('git')
|
||||
end
|
||||
|
||||
def redirect_to_home_page_url?
|
||||
# If user is not signed-in and tries to access root_path - redirect him to landing page
|
||||
# Don't redirect to the default URL to prevent endless redirections
|
||||
return false unless current_application_settings.home_page_url.present?
|
||||
|
||||
home_page_url = current_application_settings.home_page_url.chomp('/')
|
||||
root_urls = [Gitlab.config.gitlab['url'].chomp('/'), root_url.chomp('/')]
|
||||
|
||||
return false if root_urls.include?(home_page_url)
|
||||
|
||||
current_user.nil? && root_path == request.path
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue