Merge branch 'ssrf' into 'security'
nil check for url_blocker? See merge request !2076
This commit is contained in:
parent
65aafb9917
commit
83a0c39808
1 changed files with 2 additions and 0 deletions
|
@ -8,6 +8,8 @@ module Gitlab
|
||||||
VALID_PORTS = [22, 80, 443].freeze
|
VALID_PORTS = [22, 80, 443].freeze
|
||||||
|
|
||||||
def blocked_url?(url)
|
def blocked_url?(url)
|
||||||
|
return false if url.nil?
|
||||||
|
|
||||||
blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"]
|
blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"]
|
||||||
blocked_ips.concat(Socket.ip_address_list.map(&:ip_address))
|
blocked_ips.concat(Socket.ip_address_list.map(&:ip_address))
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue