Merge branch 'open-redirect-host-fix' into 'security'

Fix for three open redirect vulns using redirect_to url_for(params.merge))) See merge request !2082
author: Sean McGivern <sean@gitlab.com> 2017-04-05 22:52:19 +0000
committer: DJ Mountney <david@twkie.net> 2017-04-05 21:06:58 -0700
commit: b80653bb6aa8518e0a61e85cae4430928078c092 (patch)
tree: 46d3de9e716c4491fb0e23d6b6790b41f441de2c /changelogs
parent: 0d8fba4eece4fa527dd764472c0e05e1f05f8bc4 (diff)
download: gitlab-ce-b80653bb6aa8518e0a61e85cae4430928078c092.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/changelogs/unreleased/open-redirect-host-field.yml b/changelogs/unreleased/open-redirect-host-field.yml
new file mode 100644
index 00000000000..bed4b47cf04
--- /dev/null
+++ b/changelogs/unreleased/open-redirect-host-field.yml
@@ -0,0 +1,4 @@
+---
+title: Fix for open redirect vulnerabilities in todos, issues, and MR controllers.
+merge_request: 
+author:
author	Sean McGivern <sean@gitlab.com>	2017-04-05 22:52:19 +0000
committer	DJ Mountney <david@twkie.net>	2017-04-05 21:06:58 -0700
commit	b80653bb6aa8518e0a61e85cae4430928078c092 (patch)
tree	46d3de9e716c4491fb0e23d6b6790b41f441de2c /changelogs
parent	0d8fba4eece4fa527dd764472c0e05e1f05f8bc4 (diff)
download	gitlab-ce-b80653bb6aa8518e0a61e85cae4430928078c092.tar.gz