diff options
author | Francisco Javier López <fjlopez@gitlab.com> | 2018-06-01 11:43:53 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-06-01 11:43:53 +0000 |
commit | 840f80d48b7d8363f171f6137cd9f1fbafb52bfc (patch) | |
tree | 612c6f9b846f9f2f3b44931db12557024c49ef66 /app/assets/javascripts/integrations/integration_settings_form.js | |
parent | e206e32881e4fbfcbe647d7b2ee713c99ef1bf99 (diff) | |
download | gitlab-ce-840f80d48b7d8363f171f6137cd9f1fbafb52bfc.tar.gz |
Add validation to webhook and service URLs to ensure they are not blocked because of SSRF
Diffstat (limited to 'app/assets/javascripts/integrations/integration_settings_form.js')
-rw-r--r-- | app/assets/javascripts/integrations/integration_settings_form.js | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/app/assets/javascripts/integrations/integration_settings_form.js b/app/assets/javascripts/integrations/integration_settings_form.js index 741894b5e6c..cdb75752b4e 100644 --- a/app/assets/javascripts/integrations/integration_settings_form.js +++ b/app/assets/javascripts/integrations/integration_settings_form.js @@ -101,13 +101,19 @@ export default class IntegrationSettingsForm { return axios.put(this.testEndPoint, formData) .then(({ data }) => { if (data.error) { - flash(`${data.message} ${data.service_response}`, 'alert', document, { - title: 'Save anyway', - clickHandler: (e) => { - e.preventDefault(); - this.$form.submit(); - }, - }); + let flashActions; + + if (data.test_failed) { + flashActions = { + title: 'Save anyway', + clickHandler: (e) => { + e.preventDefault(); + this.$form.submit(); + }, + }; + } + + flash(`${data.message} ${data.service_response}`, 'alert', document, flashActions); } else { this.$form.submit(); } |