kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/spec/controllers
History
Bob Van Landuyt 39916fdfed Reuses InternalRedirect when possible 
`InternalRedirect` prevents Open redirect issues by only allowing
redirection to paths on the same host.

It cleans up any unwanted strings from the path that could point to
another host (fe. //about.gitlab.com/hello). While preserving the
querystring and fragment of the uri.

It is already used by:

- `TermsController`
- `ContinueParams`
  - `ImportsController`
  - `ForksController`
- `SessionsController`: Only for verifying the host in CE. EE allows
   redirecting to a different instance using Geo.
2018-05-04 13:54:43 +02:00
..
admin Update invalid test application_settings_controller_spec.rb 2018-04-14 00:04:55 +03:00
boards Port read_cross_project ability from EE 2018-02-22 17:11:36 +01:00
concerns Reuses InternalRedirect when possible 2018-05-04 13:54:43 +02:00
dashboard Fix filter on dashboard/groups & `explore/groups 2018-01-22 17:02:04 +01:00
explore
google_api
groups Bring one group board to CE 2018-03-03 12:56:17 -03:00
import Resolve "Namespace factory is problematic" 2018-04-23 15:48:26 +00:00
ldap Refactor OmniauthCallbacksController to remove duplication 2018-04-22 23:50:55 +01:00
oauth Specify base controller for Doorkeeper 2018-02-28 12:05:19 +01:00
profiles
projects Merge branch 'master' into feature/runner-per-group 2018-05-03 09:54:12 +02:00
snippets
users Enforces terms in the web application 2018-05-04 13:54:43 +02:00
abuse_reports_controller_spec.rb
application_controller_spec.rb Enforces terms in the web application 2018-05-04 13:54:43 +02:00
autocomplete_controller_spec.rb Revert few more broken specs related to *_with_namespace methods 2018-03-05 18:25:52 +02:00
dashboard_controller_spec.rb Check if at least one filter is set on dashboard 2018-04-03 20:19:09 +02:00
groups_controller_spec.rb 31885 - Ability to transfer a single group to another group 2018-02-06 00:10:58 +00:00
health_check_controller_spec.rb use Gitlab::UserSettings directly as a singleton instead of including/extending it 2018-02-02 18:39:55 +00:00
health_controller_spec.rb use Gitlab::UserSettings directly as a singleton instead of including/extending it 2018-02-02 18:39:55 +00:00
help_controller_spec.rb Updating HelpController spec to use an existing image 2018-02-07 12:05:25 -06:00
invites_controller_spec.rb
metrics_controller_spec.rb
notification_settings_controller_spec.rb Replace '.team << [user, role]' with 'add_role(user)' in specs 2017-12-22 19:18:28 +11:00
omniauth_callbacks_controller_spec.rb Writes specs 2018-03-22 16:05:15 +00:00
passwords_controller_spec.rb Allow password authentication to be disabled entirely 2017-11-23 13:16:14 +00:00
profiles_controller_spec.rb Gitlab::Shell works on shard name, not path 2018-04-25 13:36:22 +02:00
projects_controller_spec.rb Use hashed storage in the specs 2018-02-07 13:40:46 +00:00
registrations_controller_spec.rb Allow password authentication to be disabled entirely 2017-11-23 13:16:14 +00:00
root_controller_spec.rb 'Assigned Issues' and 'Assigned Merge Requests' as dashboard user choices 2018-03-27 12:16:12 +00:00
search_controller_spec.rb Port read_cross_project ability from EE 2018-02-22 17:11:36 +01:00
sent_notifications_controller_spec.rb
sessions_controller_spec.rb Reuses InternalRedirect when possible 2018-05-04 13:54:43 +02:00
snippets_controller_spec.rb
uploads_controller_spec.rb Revert "Merge branch '3867-port-to-ce' into 'master'" 2018-02-28 21:09:34 +01:00
user_callouts_controller_spec.rb Change UserCallout feautre_name to enum 2018-02-03 00:18:25 +01:00
users_controller_spec.rb Port read_cross_project ability from EE 2018-02-22 17:11:36 +01:00