Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
409126c8
Commit
409126c8
authored
Aug 08, 2019
by
Reuben Pereira
Committed by
Achilleas Pipinellis
Aug 08, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add docs for local requests whitelist
- Add documentation under security/webhooks since similar docs are present there.
parent
79bff3ee
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
40 additions
and
0 deletions
+40
-0
doc/raketasks/web_hooks.md
doc/raketasks/web_hooks.md
+5
-0
doc/security/img/whitelist.png
doc/security/img/whitelist.png
+0
-0
doc/security/webhooks.md
doc/security/webhooks.md
+30
-0
doc/system_hooks/system_hooks.md
doc/system_hooks/system_hooks.md
+5
-0
No files found.
doc/raketasks/web_hooks.md
View file @
409126c8
...
@@ -53,3 +53,8 @@ sudo gitlab-rake gitlab:web_hook:list NAMESPACE=acme
...
@@ -53,3 +53,8 @@ sudo gitlab-rake gitlab:web_hook:list NAMESPACE=acme
# source installations
# source installations
bundle
exec
rake gitlab:web_hook:list
NAMESPACE
=
acme
RAILS_ENV
=
production
bundle
exec
rake gitlab:web_hook:list
NAMESPACE
=
acme
RAILS_ENV
=
production
```
```
## Local requests in webhooks
[
Requests to local network by webhooks
](
../security/webhooks.md
)
can be allowed
or blocked by an administrator.
doc/security/img/whitelist.png
0 → 100644
View file @
409126c8
10.4 KB
doc/security/webhooks.md
View file @
409126c8
...
@@ -45,6 +45,36 @@ NOTE: **Note:**
...
@@ -45,6 +45,36 @@ NOTE: **Note:**
set up by administrators. However, you can turn this off by disabling the
set up by administrators. However, you can turn this off by disabling the
**Allow requests to the local network from system hooks**
option.
**Allow requests to the local network from system hooks**
option.
## Whitelist for local requests
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/44496) in GitLab 12.2
You can allow certain domains and IP addresses to be accessible to both
*system hooks*
and
*webhooks*
even when local requests are not allowed by adding them to the
whitelist. Navigate to
**Admin Area > Settings > Network**
(
`/admin/application_settings/network`
)
and expand
**Outbound requests**
:
![
Outbound local requests whitelist
](
img/whitelist.png
)
The whilelist entries can be separated by semicolons, commas or whitespaces
(including newlines) and be in different formats like hostnames, IP addresses and/or
IP ranges. IPv6 is supported. Hostnames that contain unicode characters should
use IDNA encoding.
The whitelist can hold a maximum of 1000 entries. Each entry can be a maximum of
255 characters.
Example:
```
text
example.com;gitlab.example.com
127.0.0.1,1:0:0:0:0:0:0:1
127.0.0.0/8 1:0:0:0:0:0:0:0/124
```
NOTE:
**Note:**
Wildcards (
`*.example.com`
) and ports (
`127.0.0.1:3000`
) are not currently supported.
<!-- ## Troubleshooting
<!-- ## Troubleshooting
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
...
...
doc/system_hooks/system_hooks.md
View file @
409126c8
...
@@ -644,6 +644,11 @@ X-Gitlab-Event: System Hook
...
@@ -644,6 +644,11 @@ X-Gitlab-Event: System Hook
}
}
```
```
## Local requests in system hooks
[
Requests to local network by system hooks
](
../security/webhooks.md
)
can be allowed
or blocked by an administrator.
<!-- ## Troubleshooting
<!-- ## Troubleshooting
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment