gitlab-org--gitlab-foss/lib/gitlab/template/finders
Nick Thomas 69645389e9
Prevent a path traversal attack on global file templates
The API permits path traversal characters like '../' to be passed down
to the template finder. Detect these requests and cause them to fail
with a 500 response code.
2018-12-05 14:12:35 +00:00
..
base_template_finder.rb
global_template_finder.rb Prevent a path traversal attack on global file templates 2018-12-05 14:12:35 +00:00
repo_template_finder.rb Prevent a path traversal attack on global file templates 2018-12-05 14:12:35 +00:00