e2ec97a92e
Currently we check if uploaded file is under `Gitlab.config.uploads.storage_path`, the problem is that uploads are placed in `uploads` subdirectory which is symlink. In allow_path? method we check real (expanded) paths, which causes that `Gitlab.config.uploads.storage_path` is expaned into symlink path and there is a mismatch with upload file path. By adding `Gitlab.config.uploads.storage_path/uploads` into allowed paths, this path is expaned during path check. `Gitlab.config.uploads.storage_path` is left there intentionally in case some uploader wouldn't use `uploads` subdir.
5 lines
97 B
YAML
5 lines
97 B
YAML
---
|
|
title: Add /uploads subdirectory to allowed upload paths.
|
|
merge_request:
|
|
author:
|
|
type: fixed
|