b7e6da5a4b
Security and safety improvements for gitlab-workhorse integration Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60 - Use a custom content type when sending data to gitlab-workhorse - Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse This will allow us to build features in gitlab-workhorse that require more trust, and protect us against programming mistakes in the future. This is designed so that no action is required for installations from source. For omnibus-gitlab we need to add code that manages the shared secret. See merge request !5907 |
||
---|---|---|
.. | ||
appearances_helper.rb | ||
application_helper.rb | ||
application_settings_helper.rb | ||
auth_helper.rb | ||
avatars_helper.rb | ||
blob_helper.rb | ||
branches_helper.rb | ||
broadcast_messages_helper.rb | ||
button_helper.rb | ||
ci_status_helper.rb | ||
commits_helper.rb | ||
compare_helper.rb | ||
dashboard_helper.rb | ||
diff_helper.rb | ||
dropdowns_helper.rb | ||
emails_helper.rb | ||
events_helper.rb | ||
explore_helper.rb | ||
external_wiki_helper.rb | ||
form_helper.rb | ||
git_helper.rb | ||
gitlab_markdown_helper.rb | ||
gitlab_routing_helper.rb | ||
graph_helper.rb | ||
groups_helper.rb | ||
icons_helper.rb | ||
import_helper.rb | ||
issuables_helper.rb | ||
issues_helper.rb | ||
javascript_helper.rb | ||
kerberos_spnego_helper.rb | ||
labels_helper.rb | ||
lfs_helper.rb | ||
members_helper.rb | ||
merge_requests_helper.rb | ||
milestones_helper.rb | ||
namespaces_helper.rb | ||
nav_helper.rb | ||
notes_helper.rb | ||
notifications_helper.rb | ||
page_layout_helper.rb | ||
preferences_helper.rb | ||
projects_helper.rb | ||
runners_helper.rb | ||
search_helper.rb | ||
selects_helper.rb | ||
sentry_helper.rb | ||
services_helper.rb | ||
sidekiq_helper.rb | ||
snippets_helper.rb | ||
sorting_helper.rb | ||
submodule_helper.rb | ||
tab_helper.rb | ||
tags_helper.rb | ||
time_helper.rb | ||
todos_helper.rb | ||
tree_helper.rb | ||
triggers_helper.rb | ||
u2f_helper.rb | ||
version_check_helper.rb | ||
visibility_level_helper.rb | ||
workhorse_helper.rb |