Don't allow a relative_url_root of '/'

This will fail in a few ways: 1. We might end up having a path (not a URL) starting with `//`, which will be interpreted by browsers as a protocol-relative URL. 2. Issue, MR, snippet, etc. reference parsing will look for URLs at `http://gitlab.example.com//project/...`, with the double slash preventing single slashes from working. In general, it doesn't seem like there's a valid case for this.
2019-04-29 15:26:23 +01:00 · 2019-04-29 15:26:23 +01:00 · 565150205c
parent 41fed29a60
commit 565150205c
1 changed files with 2 additions and 0 deletions
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@ -136,6 +136,8 @@ Settings.gitlab['ssh_host']   ||= Settings.gitlab.host
 Settings.gitlab['https']        = false if Settings.gitlab['https'].nil?
 Settings.gitlab['port']       ||= ENV['GITLAB_PORT'] || (Settings.gitlab.https ? 443 : 80)
 Settings.gitlab['relative_url_root'] ||= ENV['RAILS_RELATIVE_URL_ROOT'] || ''
+# / is not a valid relative URL root
+Settings.gitlab['relative_url_root']   = '' if Settings.gitlab['relative_url_root'] == '/'
 Settings.gitlab['protocol'] ||= Settings.gitlab.https ? "https" : "http"
 Settings.gitlab['email_enabled'] ||= true if Settings.gitlab['email_enabled'].nil?
 Settings.gitlab['email_from'] ||= ENV['GITLAB_EMAIL_FROM'] || "gitlab@#{Settings.gitlab.host}"