diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-30 12:22:09 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-30 12:22:09 +0000 |
commit | eba52140851d2fb08665119c0a3997d0612ccb88 (patch) | |
tree | 4bc562fadc518009435642e0bd265c8fb5bdc5a5 /app/models | |
parent | 2da7c8579601c14a93d4291b8cf5fa39c6eeabd8 (diff) | |
download | gitlab-ce-eba52140851d2fb08665119c0a3997d0612ccb88.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-2-stable-ee
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/design_management/design.rb | 2 | ||||
-rw-r--r-- | app/models/integrations/datadog.rb | 9 |
2 files changed, 2 insertions, 9 deletions
diff --git a/app/models/design_management/design.rb b/app/models/design_management/design.rb index 79f5a63bcb6..feb1bf5438c 100644 --- a/app/models/design_management/design.rb +++ b/app/models/design_management/design.rb @@ -169,7 +169,7 @@ module DesignManagement @link_reference_pattern ||= begin path_segment = %r{issues/#{Gitlab::Regex.issue}/designs} ext = Regexp.new(Regexp.union(SAFE_IMAGE_EXT + DANGEROUS_IMAGE_EXT).source, Regexp::IGNORECASE) - valid_char = %r{[^/\s]} # any char that is not a forward slash or whitespace + valid_char = %r{[[:word:]\.\-\+]} filename_pattern = %r{ (?<url_filename> #{valid_char}+ \. #{ext}) }x diff --git a/app/models/integrations/datadog.rb b/app/models/integrations/datadog.rb index 5516e6bc2c0..6422f6bddab 100644 --- a/app/models/integrations/datadog.rb +++ b/app/models/integrations/datadog.rb @@ -8,7 +8,6 @@ module Integrations DEFAULT_DOMAIN = 'datadoghq.com' URL_TEMPLATE = 'https://webhooks-http-intake.logs.%{datadog_domain}/api/v2/webhook' - URL_TEMPLATE_API_KEYS = 'https://app.%{datadog_domain}/account/settings#api' URL_API_KEYS_DOCS = "https://docs.#{DEFAULT_DOMAIN}/account_management/api-app-keys/" SUPPORTED_EVENTS = %w[ @@ -90,7 +89,7 @@ module Integrations help: ERB::Util.html_escape( s_('DatadogIntegration|%{linkOpen}API key%{linkClose} used for authentication with Datadog.') ) % { - linkOpen: '<a href="%s" target="_blank" rel="noopener noreferrer">'.html_safe % api_keys_url, + linkOpen: %Q{<a href="#{URL_API_KEYS_DOCS}" target="_blank" rel="noopener noreferrer">}.html_safe, linkClose: '</a>'.html_safe }, required: true @@ -132,12 +131,6 @@ module Integrations url.to_s end - def api_keys_url - return URL_API_KEYS_DOCS unless datadog_site.presence - - sprintf(URL_TEMPLATE_API_KEYS, datadog_domain: datadog_domain) - end - def execute(data) object_kind = data[:object_kind] object_kind = 'job' if object_kind == 'build' |