kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app/controllers
History
Jacob Vosmaer (GitLab) b7e6da5a4b Merge branch 'gitlab-workhorse-safeties' into 'master' 
Security and safety improvements for gitlab-workhorse integration

Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60

- Use a custom content type when sending data to gitlab-workhorse
- Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse

This will allow us to build features in gitlab-workhorse that require
more trust, and protect us against programming mistakes in the future.

This is designed so that no action is required for installations from
source. For omnibus-gitlab we need to add code that manages the shared
secret.

See merge request !5907
2016-09-09 11:33:08 +00:00
..
admin Handle unavailable system info 2016-08-25 08:28:35 +01:00
ci Code refactor 2016-09-07 12:10:49 +02:00
concerns Refresh todos count cache when an Issue/MR is deleted 2016-09-08 15:50:07 -03:00
dashboard Merge branch 'issue_18135' into 'master' 2016-08-19 23:06:30 +00:00
explore Replace reject_blocked with reject_blocked! in callbacks. 2016-07-27 13:56:30 -06:00
groups Add expiration date to group memberships 2016-08-18 21:09:17 +01:00
import Refactoring Import::BaseController#find_or_create_namespace 2016-08-31 16:54:15 -03:00
oauth
profiles Address review comments from @smcgivern. 2016-08-18 22:12:02 +05:30
projects Merge branch 'gitlab-workhorse-safeties' into 'master' 2016-09-09 11:33:08 +00:00
sherlock
abuse_reports_controller.rb
application_controller.rb Update specs - add mocks to simulate old versions 2016-09-01 14:00:46 +02:00
autocomplete_controller.rb Move to project dropdown with infinite scroll for better performance 2016-08-17 07:33:51 +02:00
confirmations_controller.rb
dashboard_controller.rb
emojis_controller.rb
groups_controller.rb Fix bug where destroying a namespace would not always destroy projects 2016-08-11 15:36:35 -07:00
health_check_controller.rb
help_controller.rb Replace reject_blocked with reject_blocked! in callbacks. 2016-07-27 13:56:30 -06:00
invites_controller.rb
jwt_controller.rb Project tools visibility level 2016-09-01 11:47:59 -03:00
koding_controller.rb Split Koding admin/user docs 2016-08-22 17:09:15 +03:00
namespaces_controller.rb test if we can :read_group the group, not the namespace 2016-08-30 11:39:22 -07:00
notification_settings_controller.rb
omniauth_callbacks_controller.rb
passwords_controller.rb
profiles_controller.rb
projects_controller.rb Project tools visibility level 2016-09-01 11:47:59 -03:00
registrations_controller.rb Enable Style/SpaceAroundEqualsInParameterDefault cop 2016-08-06 04:03:01 +02:00
root_controller.rb
search_controller.rb Replace reject_blocked with reject_blocked! in callbacks. 2016-07-27 13:56:30 -06:00
sent_notifications_controller.rb
sessions_controller.rb Remove provider path, replace with dynamic path. 2016-08-03 11:50:38 -06:00
snippets_controller.rb
uploads_controller.rb
users_controller.rb