kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/spec/controllers/concerns
History
Bob Van Landuyt 39916fdfed Reuses `InternalRedirect` when possible 
`InternalRedirect` prevents Open redirect issues by only allowing
redirection to paths on the same host.

It cleans up any unwanted strings from the path that could point to
another host (fe. //about.gitlab.com/hello). While preserving the
querystring and fragment of the uri.

It is already used by:

- `TermsController`
- `ContinueParams`
  - `ImportsController`
  - `ForksController`
- `SessionsController`: Only for verifying the host in CE. EE allows
   redirecting to a different instance using Geo.
 		2018-05-04 13:54:43 +02:00
..
checks_collaboration_spec.rb Share collaboration check between view and presenter 2018-04-11 10:51:15 +02:00
continue_params_spec.rb Reuses `InternalRedirect` when possible 2018-05-04 13:54:43 +02:00
controller_with_cross_project_access_check_spec.rb Port `read_cross_project` ability from EE 2018-02-22 17:11:36 +01:00
group_tree_spec.rb
internal_redirect_spec.rb Enforces terms in the web application 2018-05-04 13:54:43 +02:00
issuable_collections_spec.rb Refactor IssuableFinder to extract model-specific logic 2018-02-21 10:31:29 +00:00
lfs_request_spec.rb
send_file_upload_spec.rb Backport ee-40781-os-to-ce 2018-03-22 08:49:04 -04:00