kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/spec
History
Bob Van Landuyt 39916fdfed Reuses InternalRedirect when possible 
`InternalRedirect` prevents Open redirect issues by only allowing
redirection to paths on the same host.

It cleans up any unwanted strings from the path that could point to
another host (fe. //about.gitlab.com/hello). While preserving the
querystring and fragment of the uri.

It is already used by:

- `TermsController`
- `ContinueParams`
  - `ImportsController`
  - `ForksController`
- `SessionsController`: Only for verifying the host in CE. EE allows
   redirecting to a different instance using Geo.
2018-05-04 13:54:43 +02:00
..
bin
config
controllers Reuses InternalRedirect when possible 2018-05-04 13:54:43 +02:00
db/production
factories Allow a user to accept/decline terms 2018-05-04 13:54:43 +02:00
features Enforces terms in the web application 2018-05-04 13:54:43 +02:00
finders show only groups an admin is a member of in dashboards/grops 2018-05-01 09:24:21 +00:00
fixtures Merge request and commit discussions API 2018-05-01 12:39:44 +00:00
helpers Allow a user to accept/decline terms 2018-05-04 13:54:43 +02:00
initializers
javascripts Merge branch 'ide-tree-changes-count' into 'master' 2018-05-03 17:33:33 +00:00
lib Merge branch 'master' into feature/runner-per-group 2018-05-03 09:54:12 +02:00
mailers
migrations Use stages position column to track stage index 2018-05-01 14:30:44 +02:00
models Add model to track users accepting agreements 2018-05-04 13:52:55 +02:00
policies Enforces terms in the web application 2018-05-04 13:54:43 +02:00
presenters Only show push-to-master authorized users 2018-04-24 13:59:41 +02:00
requests Store application wide terms 2018-05-04 13:52:55 +02:00
routing
rubocop/cop
serializers Increase PipelineSerializer query limit count to support new group runner queries 2018-04-26 13:23:35 +08:00
services Allow a user to accept/decline terms 2018-05-04 13:54:43 +02:00
sidekiq/cron
support Enforces terms in the web application 2018-05-04 13:54:43 +02:00
tasks Gitlab::Shell works on shard name, not path 2018-04-25 13:36:22 +02:00
unicorn
uploaders Fix file_store for artifacts and lfs when saving 2018-05-01 22:27:54 +02:00
validators
views Create autodevops settings sections 2018-04-20 12:48:04 -05:00
workers Makes namespaceless project destroy worker spec not depend on a specific migration version 2018-04-30 09:54:44 +01:00
factories_spec.rb
fast_spec_helper.rb Do not preload settings 2018-04-24 19:32:06 +02:00
rails_helper.rb
rake_helper.rb
simplecov_env.rb
spec_helper.rb Gitlab::Shell works on shard name, not path 2018-04-25 13:36:22 +02:00