diff options
| author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-06-03 12:33:59 +0000 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-06-03 12:33:59 +0000 |
| commit | 3a7bf68e34b493870146fa026c9a3da1899ef779 (patch) | |
| tree | f083f08a2571f941fc3b91a0b11d9dbbdfec8464 /app/views | |
| parent | c45c64ce298fab6eca6c54142ab5844a4b2c5c63 (diff) | |
| parent | a1a0f8e6b017f57060bc94d14fd4d37d8756e47d (diff) | |
| download | gitlab-ce-3a7bf68e34b493870146fa026c9a3da1899ef779.tar.gz | |
Merge branch 'dm-http-hostname-override' into 'master'
Protect Gitlab::HTTP against DNS rebinding attack
See merge request gitlab/gitlabhq!3071
Diffstat (limited to 'app/views')
| -rw-r--r-- | app/views/admin/application_settings/_outbound.html.haml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/app/views/admin/application_settings/_outbound.html.haml b/app/views/admin/application_settings/_outbound.html.haml index f4bfb5af385..dd56bb99a06 100644 --- a/app/views/admin/application_settings/_outbound.html.haml +++ b/app/views/admin/application_settings/_outbound.html.haml @@ -8,4 +8,12 @@ = f.label :allow_local_requests_from_hooks_and_services, class: 'form-check-label' do Allow requests to the local network from hooks and services + .form-group + .form-check + = f.check_box :dns_rebinding_protection_enabled, class: 'form-check-input' + = f.label :dns_rebinding_protection_enabled, class: 'form-check-label' do + = _('Enforce DNS rebinding attack protection') + %span.form-text.text-muted + = _('Resolves IP addresses once and uses them to submit requests') + = f.submit 'Save changes', class: "btn btn-success" |