kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/config/initializers
History
Marin Jankovski 8fa9da49c4 Merge branch 'set-omniauth-full-host' into 'master' 
Set OmniAuth full_host parameter to ensure redirect URIs are correct

### What does this MR do?

This MR sets the OmniAuth `full_host` parameter to the configured GitLab URL to ensure the `redirect_uri` parameter is called with the right GitLab host.

### Why was this MR needed?

[OmniAuth attempts to grab the request URI](http://awesomeprogrammer.com/blog/2012/12/09/dealing-with-omniauth-redirect-uri-mismatch-invalid-port-number-gotcha/) and use that. If you set up a reverse proxy that terminates SSL at the Web server layer (e.g. https://gitlab.domain.com), omniauth will use the internal URL (e.g. http://my-host:8080) in its redirect URI unless all the Web server headers are properly set (e.g. `X-Forwarded-Port`, etc.). This is easy to forget or mess up, and it's better to ensure that OmniAuth has the right value from the start.

### What are the relevant issue numbers?

Closes #1967

See merge request !991
2015-07-20 08:45:58 +00:00
..
1_settings.rb Add Gitlab::Themes module; remove Gitlab::Theme 2015-06-13 17:58:16 -04:00
2_app.rb Revert "Preload lib/" 2015-04-09 12:21:59 -04:00
3_grit_ext.rb
4_sidekiq.rb Remove sidekiq-limit_fetch because it require Redis 2.6. 2015-04-03 18:38:31 +02:00
5_backend.rb Warn when gitlab-shell version doesn't match requirement. 2015-04-06 14:02:49 +02:00
6_rack_profiler.rb Enable rack profiler by default 2015-06-24 12:48:59 +02:00
7_omniauth.rb Set OmniAuth full_host parameter to ensure redirect URIs are correct 2015-07-17 16:24:19 -07:00
8_default_url_options.rb Set default_url_options in test environments too 2015-04-25 19:46:05 -04:00
attr_encrypted_no_db_connection.rb Fix. 2015-05-15 15:32:49 +02:00
backtrace_silencers.rb
carrierwave.rb Rubocop: comment indentation 2015-02-02 21:34:16 -08:00
devise.rb Add support for backup codes 2015-05-09 17:31:37 -04:00
devise_async.rb
devise_password_length.rb.example
disable_email_interceptor.rb Revert "Allow to configure smtp and sendmail in gitlab.yml" 2015-05-06 17:39:18 +03:00
doorkeeper.rb Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in 2015-07-18 15:57:11 -07:00
gitlab_shell_secret_token.rb Allow to configure gitlab_shell_secret location 2015-05-16 21:46:06 +02:00
haml.rb
inflections.rb
kaminari_config.rb
mime_types.rb Add Markdown to Mime types 2015-04-15 12:25:24 -04:00
postgresql_limit_fix.rb
public_key.rb Fix typo. 2015-03-20 16:13:03 -07:00
rack_attack.rb.example Add a note that changing example configuration files requires changing omnibus-gitlab. 2015-06-11 15:11:37 +02:00
rack_attack_git_basic_auth.rb Add more comments explaining how we block IPs 2014-12-18 11:08:11 +01:00
redis-store-fix-expiry.rb
secret_token.rb
session_store.rb Ensure session_expire_delay field exists before accessing it 2015-06-13 00:31:08 -04:00
smtp_settings.rb.sample Add a note that changing example configuration files requires changing omnibus-gitlab. 2015-06-11 15:11:37 +02:00
state_machine_patch.rb
static_files.rb Change check to only swap static middleware when it's enabled. 2015-02-21 15:09:17 +01:00
time_zone.rb
wrap_parameters.rb