diff options
author | Stan Hu <stanhu@gmail.com> | 2015-08-23 13:31:02 -0700 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-08-24 12:23:56 -0700 |
commit | 683f77bc5ae571323b0917d06b6ca9adedc1278c (patch) | |
tree | 0ee3f1627aec4f765b45dfbc1c158c5db5a94132 | |
parent | 6efd0bc1e2f273c98fb8f78cdcb1dcce1bd94a59 (diff) | |
download | gitlab-ce-683f77bc5ae571323b0917d06b6ca9adedc1278c.tar.gz |
Only include base URL in OmniAuth full_host parameter
Closes #2335
-rw-r--r-- | CHANGELOG | 5 | ||||
-rw-r--r-- | config/initializers/1_settings.rb | 26 | ||||
-rw-r--r-- | config/initializers/7_omniauth.rb | 2 |
3 files changed, 23 insertions, 10 deletions
diff --git a/CHANGELOG b/CHANGELOG index b25514bc6cd..b59b868f9a8 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,9 @@ Please view this file on the master branch, on stable branches it's out of date. -v 7.14.0 (unreleased) +v 7.14.1 (unreleased) + - Only include base URL in OmniAuth full_host parameter (Stan Hu) + +v 7.14.0 - Fix bug where non-project members of the target project could set labels on new merge requests. - Update default robots.txt rules to disallow crawling of irrelevant pages (Ben Bodenmiller) - Fix redirection after sign in when using auto_sign_in_with_provider diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 026c1a5792c..3a2b7d341d5 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -8,7 +8,7 @@ class Settings < Settingslogic def gitlab_on_standard_port? gitlab.port.to_i == (gitlab.https ? 443 : 80) end - + # get host without www, thanks to http://stackoverflow.com/a/6674363/1233435 def get_host_without_www(url) url = URI.encode(url) @@ -32,14 +32,12 @@ class Settings < Settingslogic end end + def build_base_gitlab_url + base_gitlab_url.join('') + end + def build_gitlab_url - custom_port = gitlab_on_standard_port? ? nil : ":#{gitlab.port}" - [ gitlab.protocol, - "://", - gitlab.host, - custom_port, - gitlab.relative_url_root - ].join('') + (base_gitlab_url + [gitlab.relative_url_root]).join('') end # check that values in `current` (string or integer) is a contant in `modul`. @@ -64,6 +62,17 @@ class Settings < Settingslogic end value end + + private + + def base_gitlab_url + custom_port = gitlab_on_standard_port? ? nil : ":#{gitlab.port}" + [ gitlab.protocol, + "://", + gitlab.host, + custom_port + ] + end end end @@ -123,6 +132,7 @@ Settings.gitlab['email_enabled'] ||= true if Settings.gitlab['email_enabled'].ni Settings.gitlab['email_from'] ||= "gitlab@#{Settings.gitlab.host}" Settings.gitlab['email_display_name'] ||= "GitLab" Settings.gitlab['email_reply_to'] ||= "noreply@#{Settings.gitlab.host}" +Settings.gitlab['base_url'] ||= Settings.send(:build_base_gitlab_url) Settings.gitlab['url'] ||= Settings.send(:build_gitlab_url) Settings.gitlab['user'] ||= 'git' Settings.gitlab['user_home'] ||= begin diff --git a/config/initializers/7_omniauth.rb b/config/initializers/7_omniauth.rb index 7f73546ac89..70ed10e8275 100644 --- a/config/initializers/7_omniauth.rb +++ b/config/initializers/7_omniauth.rb @@ -11,7 +11,7 @@ if Gitlab::LDAP::Config.enabled? end end -OmniAuth.config.full_host = Settings.gitlab['url'] +OmniAuth.config.full_host = Settings.gitlab['base_url'] OmniAuth.config.allowed_request_methods = [:post] #In case of auto sign-in, the GET method is used (users don't get to click on a button) OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present? |