author | Robert Speicher <robert@gitlab.com> | 2017-09-27 20:15:39 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2017-10-15 21:48:29 -0700 |
commit | e4884d9d2b4bd540e60d32a012a90ff6c21ba17c (patch) | |
tree | aae5e659ebad17ff8bd55ff09854de3472c7a9e5 | |
parent | c7b8e61d8db9eca4abb8a2b2fcac0eababa28a09 (diff) | |
Merge branch 'fix-arbitrary-redirect-vulnerability' into 'security-10-0'
Fix arbitrary redirect location vulnerability
See merge request gitlab/gitlabhq!2192
-rw-r--r-- | app/controllers/projects/application_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/projects_controller.rb | 10 | ||||
-rw-r--r-- | changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml | 5 |
3 files changed, 15 insertions, 10 deletions
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb
index d7dd8ddcb7d..9e79852e378 100644
--- a/app/controllers/projects/application_controller.rb
+++ b/app/controllers/projects/application_controller.rb
@@ -2,7 +2,6 @@ class Projects::ApplicationController < ApplicationController
 include RoutableActions
 skip_before_action :authenticate_user!
- before_action :redirect_git_extension
 before_action :project
 before_action :repository
 layout 'project'
@@ -11,15 +10,6 @@ class Projects::ApplicationController < ApplicationController
 private
- def redirect_git_extension
- # Redirect from
- # localhost/group/project.git
- # to
- # localhost/group/project
- #
- redirect_to url_for(params.merge(format: nil)) if params[:format] == 'git'
- end
-
 def project
 return @project if @project
 return nil unless params[:project_id] || params[:id]
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index a738ca9f361..41f748475d9 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -3,6 +3,7 @@ class ProjectsController < Projects::ApplicationController
 include ExtractsPath
 before_action :authenticate_user!, except: [:index, :show, :activity, :refs]
+ before_action :redirect_git_extension, only: [:show]
 before_action :project, except: [:index, :new, :create]
 before_action :repository, except: [:index, :new, :create]
 before_action :assign_ref_vars, only: [:show], if: :repo_exists?
@@ -400,4 +401,13 @@ class ProjectsController < Projects::ApplicationController
 def project_export_enabled
 render_404 unless current_application_settings.project_export_enabled?
 end
+
+ def redirect_git_extension
+ # Redirect from
+ # localhost/group/project.git
+ # to
+ # localhost/group/project
+ #
+ redirect_to request.original_url.sub(/\.git\/?\Z/, '') if params[:format] == 'git'
+ end
 end
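Review bot: The new `redirect_git_extension` in the `@@ -400,4 +401,13 @@` hunk does not cope with a query string: for `/group/project.git?foo=bar` Rails still sets `params[:format]` to `git`, but `\.git\/?\Z` is anchored to the end of `request.original_url`, so the substitution is a no-op and the action redirects to exactly the URL that was requested, i.e. a redirect loop until the client gives up. A lookahead that accepts either the query separator or the end of the string fixes that and also replaces `\Z` (which in Ruby still matches before a trailing newline) with the strict `\z`: `redirect_to request.original_url.sub(%r{\.git/?(?=\?|\z)}, '') if params[:format] == 'git'`. Since `original_url` embeds a host taken from the request (Host or X-Forwarded-Host, depending on how the front proxy is configured), a path-only target derived from `request.fullpath` would be the more conservative choice for a fix whose purpose is to stop attacker-influenced redirect locations; worth confirming how the proxy normalises those headers before relying on the absolute form. The filter now runs only for `ProjectsController#show`, so other `Projects::ApplicationController` descendants no longer strip a `.git` suffix — presumably intended, but the method comment should say so, e.g. `# Registered only for #show; other project routes leave a .git format untouched.`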
diff --git a/changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml b/changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml
new file mode 100644
index 00000000000..8d456b57963
--- /dev/null
+++ b/changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml
@@ -0,0 +1,5 @@
+---
+title: Prevent an open redirect on project pages
+merge_request:
+author:
+type: security