Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
d8e38de9
Commit
d8e38de9
authored
Jul 25, 2016
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'reject-invalid-trusted-proxies'
See !5454. Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parents
0030fe53
8d73c761
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
16 additions
and
3 deletions
+16
-3
CHANGELOG
CHANGELOG
+2
-1
config/initializers/trusted_proxies.rb
config/initializers/trusted_proxies.rb
+8
-2
spec/initializers/trusted_proxies_spec.rb
spec/initializers/trusted_proxies_spec.rb
+6
-0
No files found.
CHANGELOG
View file @
d8e38de9
...
@@ -8,8 +8,9 @@ v 8.11.0 (unreleased)
...
@@ -8,8 +8,9 @@ v 8.11.0 (unreleased)
- Add GitLab Workhorse version to admin dashboard (Katarzyna Kobierska Ula Budziszewska)
- Add GitLab Workhorse version to admin dashboard (Katarzyna Kobierska Ula Budziszewska)
v 8.10.1 (unreleased)
v 8.10.1 (unreleased)
- Fix bug where replies to commit notes displayed in the MR discussion tab wouldn't show up on the commit page
- Fix Error 500 when creating Wiki pages with hyphens or spaces
- Fix Error 500 when creating Wiki pages with hyphens or spaces
- Ignore invalid trusted proxies in X-Forwarded-For header
- Fix bug where replies to commit notes displayed in the MR discussion tab wouldn't show up on the commit page
v 8.10.0
v 8.10.0
- Fix profile activity heatmap to show correct day name (eanplatter)
- Fix profile activity heatmap to show correct day name (eanplatter)
...
...
config/initializers/trusted_proxies.rb
View file @
d8e38de9
...
@@ -11,6 +11,12 @@ module Rack
...
@@ -11,6 +11,12 @@ module Rack
end
end
end
end
gitlab_trusted_proxies
=
Array
(
Gitlab
.
config
.
gitlab
.
trusted_proxies
).
map
do
|
proxy
|
begin
IPAddr
.
new
(
proxy
)
rescue
IPAddr
::
InvalidAddressError
end
end
.
compact
Rails
.
application
.
config
.
action_dispatch
.
trusted_proxies
=
(
Rails
.
application
.
config
.
action_dispatch
.
trusted_proxies
=
(
[
'127.0.0.1'
,
'::1'
]
+
Array
(
Gitlab
.
config
.
gitlab
.
trusted_proxies
)
[
'127.0.0.1'
,
'::1'
]
+
gitlab_trusted_proxies
)
).
map
{
|
proxy
|
IPAddr
.
new
(
proxy
)
}
spec/initializers/trusted_proxies_spec.rb
View file @
d8e38de9
...
@@ -17,6 +17,12 @@ describe 'trusted_proxies', lib: true do
...
@@ -17,6 +17,12 @@ describe 'trusted_proxies', lib: true do
expect
(
request
.
remote_ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
remote_ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
ip
).
to
eq
(
'10.1.5.89'
)
end
end
it
'filters out bad values'
do
request
=
stub_request
(
'HTTP_X_FORWARDED_FOR'
=>
'(null), 10.1.5.89'
)
expect
(
request
.
remote_ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
ip
).
to
eq
(
'10.1.5.89'
)
end
end
end
context
'with private IP ranges added'
do
context
'with private IP ranges added'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment