b7e6da5a4b
Security and safety improvements for gitlab-workhorse integration Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60 - Use a custom content type when sending data to gitlab-workhorse - Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse This will allow us to build features in gitlab-workhorse that require more trust, and protect us against programming mistakes in the future. This is designed so that no action is required for installations from source. For omnibus-gitlab we need to add code that manages the shared secret. See merge request !5907 |
||
|---|---|---|
| .. | ||
| api | ||
| assets | ||
| backup | ||
| banzai | ||
| ci | ||
| container_registry | ||
| gitlab | ||
| json_web_token | ||
| omni_auth | ||
| rouge/formatters | ||
| support | ||
| tasks | ||
| banzai.rb | ||
| disable_email_interceptor.rb | ||
| event_filter.rb | ||
| extracts_path.rb | ||
| file_size_validator.rb | ||
| file_streamer.rb | ||
| gitlab.rb | ||
| gt_one_coercion.rb | ||
| repository_cache.rb | ||
| static_model.rb | ||
| unfold_form.rb | ||
| uploaded_file.rb | ||
| version_check.rb | ||