kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
93073 commits 1 branch 0 tags 899 MiB
Commit graph

20 commits

Author SHA1 Message Date
Stan Hu
88f2e9615c
Alias GitHub and BitBucket OAuth2 callback URLs 
To prevent an OAuth2 covert redirect vulnerability, this commit adds and
uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
following paths:

GitHub: /users/auth/-/import/github
Bitbucket: /users/auth/-/import/bitbucket

This allows admins to put a more restrictive callback URL in the OAuth2
configuration settings. Instead of https://example.com, admins can now use:

https://example.com/users/auth

It's possible but not trivial to change Devise and OmniAuth to use a
different prefix for callback URLs instead of /users/auth. For now,
aliasing the import URLs under the /users/auth namespace should suffice.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663
 2019-01-31 16:52:48 +01:00
astrachan
0b639cb88b Adding what Projects permission is needed as text to match up with the image. 2018-11-13 11:30:58 +10:00
Stan Hu
b884a2e53c Add Bitbucket Server importer docs 
Add details for https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20164.
 2018-08-08 15:25:25 -07:00
Marcel Amirault
ca4eb4447d Update bitbucket.md to fix typo and small grammar touchups. 2018-07-10 10:50:17 +00:00
Lin Jen-Shin
91bd69a4e9 Make it clear that we need to enable omniauth for SAML and Bitbucket 2018-07-06 17:55:16 +00:00
Stan Hu
ffe78adf04 Update Bitbucket callback URL documentation 
Closes #25950

[ci skip]
 2016-12-21 13:51:17 -08:00
Valery Sizov
5b0ebbe5b4 Add Wiki import to BB importer 2016-12-19 20:48:08 +02:00
Achilleas Pipinellis
27f271ee1e Refactor Bitbucket import docs 2016-12-16 14:54:23 +01:00
Valery Sizov
89cc2064a2 Update documentation for BitBucket 2016-12-08 14:41:15 +02:00
Lee Matos
8b3ab222c3 Fixing typo & Clarifying Key name 2016-11-29 13:07:42 +01:00
Achilleas Pipinellis
8fe7817e4d More Bitbucket integration refactoring 2016-08-30 17:52:14 +02:00
Achilleas Pipinellis
2fb28dddfc Refactor Bitbucket integration documentation 2016-08-30 15:42:40 +02:00
Raphaël Doursenaud
c6d2765292 Updated Bitbucket OmniAuth documentation for omnibus package 2016-08-30 13:19:37 +02:00
Raphaël Doursenaud
475afd37b6 Updated Bitbucket OmniAuth documentation 2016-08-30 13:19:37 +02:00
Eric K Idema
ae2d4d2de0 Fix escaped angle bracket's in integration documentation. 
There are several escaped angle brackets in our integration docs.  While these
render fine within GitLab, they are broken rendered on doc.gitlab.com because
pandoc does not escape them correctly.
 2016-05-12 10:48:34 -04:00
Tobias Stöckler
900d3a09a7 Fix typos in integration docs 2015-12-07 10:28:47 +01:00
Patrick Fey
d6b901a72d Improve BitBucket integration documentation [ci skip] 2015-05-15 18:37:15 +02:00
Marin Jankovski
b7229356d5 Change the name of the key used for bitbucket importer. 2015-03-20 15:54:11 -07:00
Douwe Maan
56f51bed6b Expand Bitbucket integration docs. 2015-02-25 00:06:55 +01:00
Douwe Maan
20691df230 Add Bitbucket integration docs. 2015-02-24 15:07:25 +01:00