kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
89,636 Commits 1 Branch 0 Tags 899 MiB
Commit Graph

20 Commits

Author SHA1 Message Date
Stan Hu 88f2e9615c
Alias GitHub and BitBucket OAuth2 callback URLs 
To prevent an OAuth2 covert redirect vulnerability, this commit adds and
uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
following paths:

GitHub: /users/auth/-/import/github
Bitbucket: /users/auth/-/import/bitbucket

This allows admins to put a more restrictive callback URL in the OAuth2
configuration settings. Instead of https://example.com, admins can now use:

https://example.com/users/auth

It's possible but not trivial to change Devise and OmniAuth to use a
different prefix for callback URLs instead of /users/auth. For now,
aliasing the import URLs under the /users/auth namespace should suffice.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663
 2019-01-31 16:52:48 +01:00
astrachan 0b639cb88b Adding what Projects permission is needed as text to match up with the image. 2018-11-13 11:30:58 +10:00
Stan Hu b884a2e53c Add Bitbucket Server importer docs 
Add details for https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20164.
 2018-08-08 15:25:25 -07:00
Marcel Amirault ca4eb4447d Update bitbucket.md to fix typo and small grammar touchups. 2018-07-10 10:50:17 +00:00
Lin Jen-Shin 91bd69a4e9 Make it clear that we need to enable omniauth for SAML and Bitbucket 2018-07-06 17:55:16 +00:00
Stan Hu ffe78adf04 Update Bitbucket callback URL documentation 
Closes #25950

[ci skip]
 2016-12-21 13:51:17 -08:00
Valery Sizov 5b0ebbe5b4 Add Wiki import to BB importer 2016-12-19 20:48:08 +02:00
Achilleas Pipinellis 27f271ee1e Refactor Bitbucket import docs 2016-12-16 14:54:23 +01:00
Valery Sizov 89cc2064a2 Update documentation for BitBucket 2016-12-08 14:41:15 +02:00
Lee Matos 8b3ab222c3 Fixing typo & Clarifying Key name 2016-11-29 13:07:42 +01:00
Achilleas Pipinellis 8fe7817e4d More Bitbucket integration refactoring 2016-08-30 17:52:14 +02:00
Achilleas Pipinellis 2fb28dddfc Refactor Bitbucket integration documentation 2016-08-30 15:42:40 +02:00
Raphaël Doursenaud c6d2765292 Updated Bitbucket OmniAuth documentation for omnibus package 2016-08-30 13:19:37 +02:00
Raphaël Doursenaud 475afd37b6 Updated Bitbucket OmniAuth documentation 2016-08-30 13:19:37 +02:00
Eric K Idema ae2d4d2de0 Fix escaped angle bracket's in integration documentation. 
There are several escaped angle brackets in our integration docs.  While these
render fine within GitLab, they are broken rendered on doc.gitlab.com because
pandoc does not escape them correctly.
 2016-05-12 10:48:34 -04:00
Tobias Stöckler 900d3a09a7 Fix typos in integration docs 2015-12-07 10:28:47 +01:00
Patrick Fey d6b901a72d Improve BitBucket integration documentation [ci skip] 2015-05-15 18:37:15 +02:00
Marin Jankovski b7229356d5 Change the name of the key used for bitbucket importer. 2015-03-20 15:54:11 -07:00
Douwe Maan 56f51bed6b Expand Bitbucket integration docs. 2015-02-25 00:06:55 +01:00
Douwe Maan 20691df230 Add Bitbucket integration docs. 2015-02-24 15:07:25 +01:00