Merge branch 'ssrf' into 'security'

nil check for url_blocker? See merge request !2076
2017-03-18 17:56:05 +00:00 · 2017-03-18 17:56:05 +00:00 · 83a0c39808
commit 83a0c39808
parent 65aafb9917
1 changed files with 2 additions and 0 deletions
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@ -8,6 +8,8 @@ module Gitlab
      VALID_PORTS = [22, 80, 443].freeze

      def blocked_url?(url)
+        return false if url.nil?
+
        blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"]
        blocked_ips.concat(Socket.ip_address_list.map(&:ip_address))