Avoid checking dns rebind protection in validation

author: Francisco Javier López <fjlopez@gitlab.com> 2019-09-05 09:11:14 +0000
committer: Thong Kuah <tkuah@gitlab.com> 2019-09-05 09:11:14 +0000
commit: 537eb0bb2d4d8a2af9753850c4a85fc473b68d8d (patch)
tree: 13528ed19cbc5c7a30fd0945223b8f2d84e9396b /app/validators
parent: 8d93ec2e90edde1b519fa59fdc8e2af12d76d4c0 (diff)
download: gitlab-ce-537eb0bb2d4d8a2af9753850c4a85fc473b68d8d.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/app/validators/addressable_url_validator.rb b/app/validators/addressable_url_validator.rb
index bb445499cee..f292730441c 100644
--- a/app/validators/addressable_url_validator.rb
+++ b/app/validators/addressable_url_validator.rb
@@ -42,6 +42,11 @@
 class AddressableUrlValidator < ActiveModel::EachValidator
   attr_reader :record
 
+  # By default, we avoid checking the dns rebinding protection
+  # when saving/updating a record. Sometimes, the url
+  # is not resolvable at that point, and some automated
+  # tasks that uses that url won't work.
+  # See https://gitlab.com/gitlab-org/gitlab-ce/issues/66723
   BLOCKER_VALIDATE_OPTIONS = {
     schemes: %w(http https),
     ports: [],
@@ -49,7 +54,8 @@ class AddressableUrlValidator < ActiveModel::EachValidator
     allow_local_network: true,
     ascii_only: false,
     enforce_user: false,
-    enforce_sanitization: false
+    enforce_sanitization: false,
+    dns_rebind_protection: false
   }.freeze
 
   DEFAULT_OPTIONS = BLOCKER_VALIDATE_OPTIONS.merge({
author	Francisco Javier López <fjlopez@gitlab.com>	2019-09-05 09:11:14 +0000
committer	Thong Kuah <tkuah@gitlab.com>	2019-09-05 09:11:14 +0000
commit	537eb0bb2d4d8a2af9753850c4a85fc473b68d8d (patch)
tree	13528ed19cbc5c7a30fd0945223b8f2d84e9396b /app/validators
parent	8d93ec2e90edde1b519fa59fdc8e2af12d76d4c0 (diff)
download	gitlab-ce-537eb0bb2d4d8a2af9753850c4a85fc473b68d8d.tar.gz