diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-07 00:09:33 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-07 00:09:33 +0000 |
commit | b56027c9d80ac0e297ba8a43c81e8504172dbf9f (patch) | |
tree | b85f743277145e930ae195664655d696e6e0a7fc /app/controllers/import/gitea_controller.rb | |
parent | 7915c41e4261719719e791602c8235574157164c (diff) | |
download | gitlab-ce-b56027c9d80ac0e297ba8a43c81e8504172dbf9f.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/import/gitea_controller.rb')
-rw-r--r-- | app/controllers/import/gitea_controller.rb | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/app/controllers/import/gitea_controller.rb b/app/controllers/import/gitea_controller.rb index f0888e08622..42c23fb29a7 100644 --- a/app/controllers/import/gitea_controller.rb +++ b/app/controllers/import/gitea_controller.rb @@ -3,6 +3,8 @@ class Import::GiteaController < Import::GithubController extend ::Gitlab::Utils::Override + before_action :verify_blocked_uri, only: :status + def new if session[access_token_key].present? && provider_url.present? redirect_to status_import_url @@ -16,13 +18,7 @@ class Import::GiteaController < Import::GithubController # Must be defined or it will 404 def status - if blocked_url? - session[access_token_key] = nil - - redirect_to new_import_url, alert: _('Specified URL cannot be used.') - else - super - end + super end private @@ -61,8 +57,8 @@ class Import::GiteaController < Import::GithubController { host: provider_url, api_version: 'v1' } end - def blocked_url? - Gitlab::UrlBlocker.blocked_url?( + def verify_blocked_uri + Gitlab::UrlBlocker.validate!( provider_url, { allow_localhost: allow_local_requests?, @@ -70,6 +66,10 @@ class Import::GiteaController < Import::GithubController schemes: %w(http https) } ) + rescue Gitlab::UrlBlocker::BlockedUrlError => e + session[access_token_key] = nil + + redirect_to new_import_url, alert: _('Specified URL cannot be used: "%{reason}"') % { reason: e.message } end def allow_local_requests? |