Merge branch 'ssrf' into 'security'

nil check for url_blocker? See merge request !2076
author: Rubén Dávila <ruben@gitlab.com> 2017-03-18 17:56:05 +0000
committer: Ruben Davila <rdavila84@gmail.com> 2017-03-18 13:38:56 -0500
commit: 9ad1d34017b46fedf9038f5b962cd452cf686a1d (patch)
tree: 58f246f02381735cfc709c8ef9c1daa447158079
parent: 43f5a2739dbf8f5c4c16a79f98e2630888f6b5d1 (diff)
download: gitlab-ce-9ad1d34017b46fedf9038f5b962cd452cf686a1d.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb
index bb2f4edc1a0..7e14a566696 100644
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@@ -8,6 +8,8 @@ module Gitlab
       VALID_PORTS = [22, 80, 443].freeze
 
       def blocked_url?(url)
+        return false if url.nil?
+
         blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"]
         blocked_ips.concat(Socket.ip_address_list.map(&:ip_address))
author	Rubén Dávila <ruben@gitlab.com>	2017-03-18 17:56:05 +0000
committer	Ruben Davila <rdavila84@gmail.com>	2017-03-18 13:38:56 -0500
commit	9ad1d34017b46fedf9038f5b962cd452cf686a1d (patch)
tree	58f246f02381735cfc709c8ef9c1daa447158079
parent	43f5a2739dbf8f5c4c16a79f98e2630888f6b5d1 (diff)
download	gitlab-ce-9ad1d34017b46fedf9038f5b962cd452cf686a1d.tar.gz