95ced3bb5f
Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337
11 lines
399 B
Ruby
11 lines
399 B
Ruby
# This class is used as a proxy for all outbounding http connection
|
|
# coming from callbacks, services and hooks. The direct use of the HTTParty
|
|
# is discouraged because it can lead to several security problems, like SSRF
|
|
# calling internal IP or services.
|
|
module Gitlab
|
|
class HTTP
|
|
include HTTParty # rubocop:disable Gitlab/HTTParty
|
|
|
|
connection_adapter ProxyHTTPConnectionAdapter
|
|
end
|
|
end
|