Merge branch 'ssrf' into 'security'

nil check for url_blocker? See merge request !2076
author: Rubén Dávila <ruben@gitlab.com> 2017-03-18 17:56:05 +0000
committer: Ruben Davila <rdavila84@gmail.com> 2017-03-18 13:55:10 -0500
commit: 78d47070ca515fd36cdcf89fe7518e44a71387ac (patch)
tree: 52023ac8e8012b992b0237f654b8133d75ac0518
parent: a70346fc6530aa28a98e4aa4cf0f40e2c3bcef6b (diff)
download: gitlab-ce-78d47070ca515fd36cdcf89fe7518e44a71387ac.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb
index bb2f4edc1a0..7e14a566696 100644
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@@ -8,6 +8,8 @@ module Gitlab
       VALID_PORTS = [22, 80, 443].freeze
 
       def blocked_url?(url)
+        return false if url.nil?
+
         blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"]
         blocked_ips.concat(Socket.ip_address_list.map(&:ip_address))
author	Rubén Dávila <ruben@gitlab.com>	2017-03-18 17:56:05 +0000
committer	Ruben Davila <rdavila84@gmail.com>	2017-03-18 13:55:10 -0500
commit	78d47070ca515fd36cdcf89fe7518e44a71387ac (patch)
tree	52023ac8e8012b992b0237f654b8133d75ac0518
parent	a70346fc6530aa28a98e4aa4cf0f40e2c3bcef6b (diff)
download	gitlab-ce-78d47070ca515fd36cdcf89fe7518e44a71387ac.tar.gz