Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
1e8f2ccf
Commit
1e8f2ccf
authored
Jul 25, 2016
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Merge branch 'reject-invalid-trusted-proxies'
See !5454. Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
7b5fb0ce
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
15 additions
and
2 deletions
+15
-2
CHANGELOG
CHANGELOG
+1
-0
config/initializers/trusted_proxies.rb
config/initializers/trusted_proxies.rb
+8
-2
spec/initializers/trusted_proxies_spec.rb
spec/initializers/trusted_proxies_spec.rb
+6
-0
No files found.
CHANGELOG
View file @
1e8f2ccf
...
@@ -6,6 +6,7 @@ v 8.10.1 (unreleased)
...
@@ -6,6 +6,7 @@ v 8.10.1 (unreleased)
- Add detailed info on storage path mountpoints. !5437
- Add detailed info on storage path mountpoints. !5437
- Fix Error 500 when creating Wiki pages with hyphens or spaces. !5444
- Fix Error 500 when creating Wiki pages with hyphens or spaces. !5444
- Fix bug where replies to commit notes displayed in the MR discussion tab wouldn't show up on the commit page. !5446
- Fix bug where replies to commit notes displayed in the MR discussion tab wouldn't show up on the commit page. !5446
- Ignore invalid trusted proxies in X-Forwarded-For header. !5454
v 8.10.0
v 8.10.0
- Fix profile activity heatmap to show correct day name (eanplatter)
- Fix profile activity heatmap to show correct day name (eanplatter)
...
...
config/initializers/trusted_proxies.rb
View file @
1e8f2ccf
...
@@ -11,6 +11,12 @@ module Rack
...
@@ -11,6 +11,12 @@ module Rack
end
end
end
end
gitlab_trusted_proxies
=
Array
(
Gitlab
.
config
.
gitlab
.
trusted_proxies
).
map
do
|
proxy
|
begin
IPAddr
.
new
(
proxy
)
rescue
IPAddr
::
InvalidAddressError
end
end
.
compact
Rails
.
application
.
config
.
action_dispatch
.
trusted_proxies
=
(
Rails
.
application
.
config
.
action_dispatch
.
trusted_proxies
=
(
[
'127.0.0.1'
,
'::1'
]
+
Array
(
Gitlab
.
config
.
gitlab
.
trusted_proxies
)
[
'127.0.0.1'
,
'::1'
]
+
gitlab_trusted_proxies
)
).
map
{
|
proxy
|
IPAddr
.
new
(
proxy
)
}
spec/initializers/trusted_proxies_spec.rb
View file @
1e8f2ccf
...
@@ -17,6 +17,12 @@ describe 'trusted_proxies', lib: true do
...
@@ -17,6 +17,12 @@ describe 'trusted_proxies', lib: true do
expect
(
request
.
remote_ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
remote_ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
ip
).
to
eq
(
'10.1.5.89'
)
end
end
it
'filters out bad values'
do
request
=
stub_request
(
'HTTP_X_FORWARDED_FOR'
=>
'(null), 10.1.5.89'
)
expect
(
request
.
remote_ip
).
to
eq
(
'10.1.5.89'
)
expect
(
request
.
ip
).
to
eq
(
'10.1.5.89'
)
end
end
end
context
'with private IP ranges added'
do
context
'with private IP ranges added'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment