delta/gitlab/gitlab-ce.git/lib/support, branch add-docker-debugging-docs gitlab.com: gitlab-org/gitlab-ce.git Defend against 'Host' header injection 2016-07-12T17:50:20+00:00 Jacob Vosmaer jacob@gitlab.com 2016-07-12T15:22:10+00:00 47b5b441395921e9f8e9982bb3f560e5db5a67bc Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/17877 . This change adds 'defense in depth' against 'Host' HTTP header injection. It affects normal users in the following way. Suppose your GitLab server has IP address 1.2.3.4 and hostname gitlab.example.com. Currently, if you enter 1.2.3.4 in your browser, you get redirected to 1.2.3.4/users/sign_in. After this change, you get redirected from 1.2.3.4 to gitlab.example.com/users/sign_in. This is because the address you typed in the address bar of your browser ('1.2.3.4'), which gets stored in the 'Host' header, is now being overwritten to 'gitlab.example.com' in NGINX. In this change we also make NGINX clear the 'X-Forwarded-Host' header because Ruby on Rails also uses that header the same wayas the 'Host' header. We think that for most GitLab servers this is the right behavior, and if not then administrators can change this behavior themselves at the NGINX level. 
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/17877 .

This change adds 'defense in depth' against 'Host' HTTP header
injection. It affects normal users in the following way. Suppose your
GitLab server has IP address 1.2.3.4 and hostname gitlab.example.com.
Currently, if you enter 1.2.3.4 in your browser, you get redirected to
1.2.3.4/users/sign_in. After this change, you get redirected from
1.2.3.4 to gitlab.example.com/users/sign_in. This is because the
address you typed in the address bar of your browser ('1.2.3.4'),
which gets stored in the 'Host' header, is now being overwritten to
'gitlab.example.com' in NGINX.

In this change we also make NGINX clear the 'X-Forwarded-Host' header
because Ruby on Rails also uses that header the same wayas the 'Host'
header.

We think that for most GitLab servers this is the right behavior, and
if not then administrators can change this behavior themselves at the
NGINX level.
Add note about port needed in NGINX config 2016-05-23T00:20:28+00:00 Achilleas Pipinellis axilleas@axilleas.me 2016-05-23T00:20:28+00:00 f55f62853162af86989a8343c6692c956f7ccbb0 






Add NGINX config file for Registry
2016-05-22T19:54:29+00:00

Achilleas Pipinellis
axilleas@axilleas.me

2016-05-20T18:19:42+00:00

c1af75192dd281e23249a5d4eb4126dce5bc5efd












Replace gitlab-workhorse with GitLab Workhorse where appropriate
2016-04-28T14:36:50+00:00

Achilleas Pipinellis
axilleas@axilleas.me

2016-01-20T09:57:12+00:00

c73bf28143a8fb6adf7322bb301e28b20fb6bee2












Add a branded 503 static error page
2016-04-22T20:26:42+00:00

Robert Speicher
rspeicher@gmail.com

2016-04-22T20:26:18+00:00

d85f65ef4e07fc0c58d51b2e943ad2acb87ef461

[ci skip]

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15398





[ci skip]

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15398







Remove deprecated NGINX CI config
2016-04-14T17:31:19+00:00

Achilleas Pipinellis
axilleas@axilleas.me

2016-04-14T17:31:19+00:00

2165bbc7853016ea68f36b44ad0590623add7bcf












Do not serve anything via nginx as we have workhorse
2016-03-11T14:04:04+00:00

Artem Sidorenko
artem@posteo.de

2016-02-27T08:28:00+00:00

fb5c2147a9f2b3acc6ad5297c737da0f5546c247

Otherwise this might 'hide' problems
https://github.com/gitlabhq/gitlabhq/issues/10053#issuecomment-188919319





Otherwise this might 'hide' problems
https://github.com/gitlabhq/gitlabhq/issues/10053#issuecomment-188919319







Merge branch 'doc_relative_url' into 'master'

2016-02-10T10:51:18+00:00

Achilleas Pipinellis
axilleas@axilleas.me

2016-02-10T10:51:18+00:00

10aa99a30c311c59358d1547ebcbe0f6a92227a7


Add documentation on relative URL support

closes #12773

See merge request !2770





Add documentation on relative URL support

closes #12773

See merge request !2770






Edit configuration files for relative URL support
2016-02-09T14:59:42+00:00

Achilleas Pipinellis
axilleas@axilleas.me

2016-02-09T14:50:42+00:00

b532109b97a7764aef808673a084da1731ed452d

[ci skip]





[ci skip]







Merge branch 'fix-init' into 'master'

2016-02-08T17:30:10+00:00

Rémy Coutable
remy@rymai.me

2016-02-08T17:30:10+00:00

555b1a621a9a73e8cdead9888375a43a8e59f639


Fixed init.d script not working on OS X

-s flag of su doesn't work correctly on OS X, logging in as the user
and not running the requested command. By moving the bash shell init
inside the su command we avoid the issue

Fixes Issue #3309 

See merge request !1728





Fixed init.d script not working on OS X

-s flag of su doesn't work correctly on OS X, logging in as the user
and not running the requested command. By moving the bash shell init
inside the su command we avoid the issue

Fixes Issue #3309 

See merge request !1728