diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-07-26 13:41:05 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-07-26 13:41:05 +0000 |
commit | c4bc5dffa48d6d4eaa8e2dd294650ba25acf90b5 (patch) | |
tree | 15d42ea447813d40940d7b672d0d717f4a222244 /config | |
parent | 890c1421a4b28cdc65427235cd5a397c5d1be9c4 (diff) | |
parent | c93ce836930a875452432ccc0c92733fb8adda29 (diff) | |
download | gitlab-ce-c4bc5dffa48d6d4eaa8e2dd294650ba25acf90b5.tar.gz |
Merge branch 'security-github-ssrf-redirect' into 'master'
Do not allow localhost url redirection in GitHub Integration
See merge request gitlab/gitlabhq!3188
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/octokit.rb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/config/initializers/octokit.rb b/config/initializers/octokit.rb new file mode 100644 index 00000000000..b3749258ec5 --- /dev/null +++ b/config/initializers/octokit.rb @@ -0,0 +1 @@ +Octokit.middleware.insert_after Octokit::Middleware::FollowRedirects, Gitlab::Octokit::Middleware |