summaryrefslogtreecommitdiff
path: root/app/models/application_setting.rb
diff options
context:
space:
mode:
authorDouwe Maan <douwe@gitlab.com>2018-03-13 22:38:25 +0000
committerMark Fletcher <mark@gitlab.com>2018-03-21 14:39:21 +0000
commit95ced3bb5fa52e166aa03ee592f63180601cbde7 (patch)
tree8e75e6ccf9a443ba004b11891b84518fd7cfe884 /app/models/application_setting.rb
parent30c480c2b3f4709f592d8b095f8653df940f6845 (diff)
downloadgitlab-ce-95ced3bb5fa52e166aa03ee592f63180601cbde7.tar.gz
Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6'
Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337
Diffstat (limited to 'app/models/application_setting.rb')
-rw-r--r--app/models/application_setting.rb3
1 files changed, 2 insertions, 1 deletions
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 3cbbf8b5dfa..862933bf127 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -330,7 +330,8 @@ class ApplicationSetting < ActiveRecord::Base
usage_ping_enabled: Settings.gitlab['usage_ping_enabled'],
gitaly_timeout_fast: 10,
gitaly_timeout_medium: 30,
- gitaly_timeout_default: 55
+ gitaly_timeout_default: 55,
+ allow_local_requests_from_hooks_and_services: false
}
end
View Lorry Controller Status