Merge branch 'security-enable-image-proxy' into 'master'

Use image proxy to mitigate stealing ip addresses

Closes #2812

See merge request gitlab/gitlabhq!2926

1 files changed, 14 insertions, 1 deletions

diff --git a/app/services/application_settings/update_service.rb b/app/services/application_settings/update_service.rb
index 471df6e2d0c..03ff282dec5 100644
--- a/app/services/application_settings/update_service.rb
+++ b/app/services/application_settings/update_service.rb
@@ -6,6 +6,8 @@ module ApplicationSettings
 
     attr_reader :params, :application_setting
 
+    MARKDOWN_CACHE_INVALIDATING_PARAMS = %w(asset_proxy_enabled asset_proxy_url asset_proxy_secret_key asset_proxy_whitelist).freeze
+
     def execute
       validate_classification_label(application_setting, :external_authorization_service_default_label)
 
@@ -25,7 +27,13 @@ module ApplicationSettings
         params[:usage_stats_set_by_user_id] = current_user.id
       end
 
-      @application_setting.update(@params)
+      @application_setting.assign_attributes(params)
+
+      if invalidate_markdown_cache?
+        @application_setting[:local_markdown_version] = @application_setting.local_markdown_version + 1
+      end
+
+      @application_setting.save
     end
 
     private
@@ -41,6 +49,11 @@ module ApplicationSettings
       @application_setting.add_to_outbound_local_requests_whitelist(values_array)
     end
 
+    def invalidate_markdown_cache?
+      !params.key?(:local_markdown_version) &&
+        (@application_setting.changes.keys & MARKDOWN_CACHE_INVALIDATING_PARAMS).any?
+    end
+
     def update_terms(terms)
       return unless terms.present?