• Douwe Maan's avatar
    Protect Gitlab::HTTP against DNS rebinding attack · a9bcddee
    Douwe Maan authored
    Gitlab::HTTP now resolves the hostname only once, verifies the IP is not
    blocked, and then uses the same IP to perform the actual request, while
    passing the original hostname in the `Host` header and SSL SNI field.
    a9bcddee
processor_spec.rb 9.28 KB