diff options
author | Douwe Maan <douwe@gitlab.com> | 2018-03-13 22:38:25 +0000 |
---|---|---|
committer | Mark Fletcher <mark@gitlab.com> | 2018-03-21 14:39:21 +0000 |
commit | 95ced3bb5fa52e166aa03ee592f63180601cbde7 (patch) | |
tree | 8e75e6ccf9a443ba004b11891b84518fd7cfe884 /app/models/application_setting.rb | |
parent | 30c480c2b3f4709f592d8b095f8653df940f6845 (diff) | |
download | gitlab-ce-95ced3bb5fa52e166aa03ee592f63180601cbde7.tar.gz |
Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6'
Server Side Request Forgery in Services and Web Hooks
See merge request gitlab/gitlabhq!2337
Diffstat (limited to 'app/models/application_setting.rb')
-rw-r--r-- | app/models/application_setting.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index 3cbbf8b5dfa..862933bf127 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -330,7 +330,8 @@ class ApplicationSetting < ActiveRecord::Base usage_ping_enabled: Settings.gitlab['usage_ping_enabled'], gitaly_timeout_fast: 10, gitaly_timeout_medium: 30, - gitaly_timeout_default: 55 + gitaly_timeout_default: 55, + allow_local_requests_from_hooks_and_services: false } end |