kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
85,499 Commits 1 Branch 0 Tags 899 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Imre Farkas b1e070bf49
Fix API::Namespaces to accept namepaces with dots 
It also renames the API::PROJECT_ENDPOINT_REQUIREMENTS constant to
API::NAMESPACE_OR_PROJECT_REQUIREMENTS
 2018-11-28 12:54:11 +01:00
Stan Hu a12d25d8a5 Validate Wiki attachments are valid temporary files 
A malicious attacker could craft a request to read arbitrary files on
the system. This change adds a Grape validation to ensure that the
tempfile parameter delivered by the Rack multipart uploader is a
Tempfile type to prevent users from being able to specify arbitrary
filenames.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53072
 2018-10-23 20:47:38 -07:00
gfyoung 3836d69119 Enable frozen string in lib/api and lib/backup 
Partially addresses #47424.

Had to make changes to spec files because
stubbing methods on frozen objects is a mess
in RSpec and leads to failures:

https://github.com/rspec/rspec-mocks/issues/1190
 2018-09-29 21:04:50 -07:00
Francisco Javier López f9475e299c Uploads to wiki stored inside the wiki git repository 2018-09-04 10:39:08 +00:00
blackst0ne 2915bb2707 Add API support for wiki pages 2017-09-07 09:21:52 +11:00