Douwe Maan
a9bcddee4c
Protect Gitlab::HTTP against DNS rebinding attack
...
Gitlab::HTTP now resolves the hostname only once, verifies the IP is not
blocked, and then uses the same IP to perform the actual request, while
passing the original hostname in the `Host` header and SSL SNI field.
2019-05-30 10:47:31 -03:00
blackst0ne
b44a2c801a
Update specs to rails5 format
...
Updates specs to use new rails5 format.
The old format:
`get :show, { some: params }, { some: headers }`
The new format:
`get :show, params: { some: params }, headers: { some: headers }`
2018-12-19 10:04:31 +11:00
Marcel Amirault
6876c7afa8
Fix grammar (setup to set-up) in code comments, spec, views, etc.
2018-09-17 09:17:33 +00:00
Douglas Barbosa Alexandre
34dbccb24b
Add helper methods to stub Gitlab::ExclusiveLease
2018-06-28 19:24:40 -03:00
Harrison Healey
f124b6fd11
Updated Mattermost integration to use Mattermost API v4
2018-05-28 09:18:43 -04:00
Douwe Maan
95ced3bb5f
Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6'
...
Server Side Request Forgery in Services and Web Hooks
See merge request gitlab/gitlabhq!2337
2018-03-21 14:39:21 +00:00
Valery Sizov
26d15a89dd
Fix Mattermost integration
2017-08-04 12:22:10 +03:00
Grzegorz Bizon
0430b76441
Enable Style/DotPosition Rubocop 👮
2017-06-21 13:48:12 +00:00
Z.J. van de Weg
1ac0639677
Add new tests
2016-12-21 14:11:00 +01:00
Z.J. van de Weg
d21535602b
Minor adjustments API Mattermost
...
[ci skip]
2016-12-19 21:44:15 +01:00
Zeger-Jan van de Weg
a9d9895dc7
Merge branch 'master' into 'zj-mattermost-slash-config'
...
# Conflicts:
# config/gitlab.yml.example
# lib/mattermost/session.rb
# spec/lib/mattermost/session_spec.rb
2016-12-18 12:59:09 +00:00
Kamil Trzcinski
e663725961
Store mattermost_url in settings
2016-12-17 10:31:14 +01:00
Kamil Trzcinski
48ebfaa491
Improve Mattermost Session specs
2016-12-17 10:31:14 +01:00
Z.J. van de Weg
a31cdb29e4
Improve session tests
2016-12-17 10:31:14 +01:00
Z.J. van de Weg
4b23764da7
Improve session tests
2016-12-15 20:21:35 +01:00