Fix directory traversal vulnerability around uploads routes.
This commit is contained in:
parent
24d139ba97
commit
93133f4da9
|
@ -1,6 +1,8 @@
|
||||||
Please view this file on the master branch, on stable branches it's out of date.
|
Please view this file on the master branch, on stable branches it's out of date.
|
||||||
|
|
||||||
v 7.10.0 (unreleased)
|
v 7.10.0 (unreleased)
|
||||||
|
- Fix directory traversal vulnerability around uploads routes.
|
||||||
|
- Fix broken file browsing with a submodule that contains a relative link (Stan Hu)
|
||||||
- Fix bug where Wiki pages that included a '/' were no longer accessible (Stan Hu)
|
- Fix bug where Wiki pages that included a '/' were no longer accessible (Stan Hu)
|
||||||
- Fix bug where error messages from Dropzone would not be displayed on the issues page (Stan Hu)
|
- Fix bug where error messages from Dropzone would not be displayed on the issues page (Stan Hu)
|
||||||
- Add ability to configure Reply-To address in gitlab.yml (Stan Hu)
|
- Add ability to configure Reply-To address in gitlab.yml (Stan Hu)
|
||||||
|
|
|
@ -91,18 +91,18 @@ Gitlab::Application.routes.draw do
|
||||||
# Note attachments and User/Group/Project avatars
|
# Note attachments and User/Group/Project avatars
|
||||||
get ":model/:mounted_as/:id/:filename",
|
get ":model/:mounted_as/:id/:filename",
|
||||||
to: "uploads#show",
|
to: "uploads#show",
|
||||||
constraints: { model: /note|user|group|project/, mounted_as: /avatar|attachment/, filename: /.+/ }
|
constraints: { model: /note|user|group|project/, mounted_as: /avatar|attachment/, filename: /[^\/]+/ }
|
||||||
|
|
||||||
# Project markdown uploads
|
# Project markdown uploads
|
||||||
get ":namespace_id/:project_id/:secret/:filename",
|
get ":namespace_id/:project_id/:secret/:filename",
|
||||||
to: "projects/uploads#show",
|
to: "projects/uploads#show",
|
||||||
constraints: { namespace_id: /[a-zA-Z.0-9_\-]+/, project_id: /[a-zA-Z.0-9_\-]+/, filename: /.+/ }
|
constraints: { namespace_id: /[a-zA-Z.0-9_\-]+/, project_id: /[a-zA-Z.0-9_\-]+/, filename: /[^\/]+/ }
|
||||||
end
|
end
|
||||||
|
|
||||||
# Redirect old note attachments path to new uploads path.
|
# Redirect old note attachments path to new uploads path.
|
||||||
get "files/note/:id/:filename",
|
get "files/note/:id/:filename",
|
||||||
to: redirect("uploads/note/attachment/%{id}/%(unknown)"),
|
to: redirect("uploads/note/attachment/%{id}/%(unknown)"),
|
||||||
constraints: { filename: /.+/ }
|
constraints: { filename: /[^\/]+/ }
|
||||||
|
|
||||||
#
|
#
|
||||||
# Explore area
|
# Explore area
|
||||||
|
@ -485,7 +485,7 @@ Gitlab::Application.routes.draw do
|
||||||
|
|
||||||
resources :uploads, only: [:create] do
|
resources :uploads, only: [:create] do
|
||||||
collection do
|
collection do
|
||||||
get ":secret/:filename", action: :show, as: :show, constraints: { filename: /.+/ }
|
get ":secret/:filename", action: :show, as: :show, constraints: { filename: /[^\/]+/ }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
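Review bot: The tightened `filename: /[^\/]+/` constraints on these routes still admit `.` and `..` as a complete final segment, and Journey (in the Rails versions I am familiar with) matches route regexps against the still-percent-encoded path and only unescapes the captures afterwards, so a `%2F` in the last segment would pass the constraint and arrive in `params[:filename]` as `/`. Treat this routing change as defense in depth rather than the fix itself: `uploads#show` and `projects/uploads#show`, which are not in this hunk, should also refuse any filename where `File.basename(filename) != filename` and verify the resolved path stays under the upload root, e.g. `File.expand_path(path).start_with?("#{root}/")`, before reading the file. As a minor style point, `%r{[^/]+}` expresses the same constraint without the escaped slash inside the regex literal.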