Set asset_proxy_whitelist default to gitlab host

2019-09-05 09:13:38 -05:00 · 2019-09-05 09:13:38 -05:00 · 921c704f00
commit 921c704f00
parent 700bdfc77d
3 changed files with 21 additions and 1 deletions
--- a/changelogs/unreleased/67037-user-content-gitlab-static-net-brings-back-404-only.yml
+++ b/changelogs/unreleased/67037-user-content-gitlab-static-net-brings-back-404-only.yml
@ -0,0 +1,5 @@
+---
+title: Default the asset proxy whitelist to the installation domain
+merge_request: 32703
+author:
+type: fixed
--- a/lib/banzai/filter/asset_proxy_filter.rb
+++ b/lib/banzai/filter/asset_proxy_filter.rb
@ -44,7 +44,7 @@ module Banzai
          Gitlab.config.asset_proxy['enabled']       = application_settings.asset_proxy_enabled
          Gitlab.config.asset_proxy['url']           = application_settings.asset_proxy_url
          Gitlab.config.asset_proxy['secret_key']    = application_settings.asset_proxy_secret_key
-          Gitlab.config.asset_proxy['whitelist']     = application_settings.asset_proxy_whitelist || [Gitlab.config.gitlab.host]
+          Gitlab.config.asset_proxy['whitelist']     = determine_whitelist(application_settings)
          Gitlab.config.asset_proxy['domain_regexp'] = compile_whitelist(Gitlab.config.asset_proxy.whitelist)
        else
          Gitlab.config.asset_proxy['enabled']       = ::ApplicationSetting.defaults[:asset_proxy_enabled]
@ -57,6 +57,10 @@ module Banzai
        escaped = domain_list.map { |domain| Regexp.escape(domain).gsub('\*', '.*?') }
        Regexp.new("^(#{escaped.join('|')})$", Regexp::IGNORECASE)
      end
+
+      def self.determine_whitelist(application_settings)
+        application_settings.asset_proxy_whitelist.presence || [Gitlab.config.gitlab.host]
+      end
    end
  end
 end
--- a/spec/lib/banzai/filter/asset_proxy_filter_spec.rb
+++ b/spec/lib/banzai/filter/asset_proxy_filter_spec.rb
@ -36,6 +36,17 @@ describe Banzai::Filter::AssetProxyFilter do
      expect(Gitlab.config.asset_proxy.whitelist).to eq %w(gitlab.com *.mydomain.com)
      expect(Gitlab.config.asset_proxy.domain_regexp).to eq /^(gitlab\.com|.*?\.mydomain\.com)$/i
    end
+
+    context 'when whitelist is empty' do
+      it 'defaults to the install domain' do
+        stub_application_setting(asset_proxy_enabled: true)
+        stub_application_setting(asset_proxy_whitelist: [])
+
+        described_class.initialize_settings
+
+        expect(Gitlab.config.asset_proxy.whitelist).to eq [Gitlab.config.gitlab.host]
+      end
+    end
  end

  context 'when properly configured' do