diff options
| author | Ruben Davila <rdavila84@gmail.com> | 2016-06-24 16:20:53 -0500 |
|---|---|---|
| committer | Ruben Davila <rdavila84@gmail.com> | 2016-06-24 16:20:53 -0500 |
| commit | 7627cc19897d1ff8963fde37697e6dc5d32e51ba (patch) | |
| tree | bb932e1bb8e65b79ca3571e922663b83d70381b3 /app | |
| parent | e6d87b39e4ae29e6be499aa5f11a2db99a20b648 (diff) | |
| download | gitlab-ce-7627cc19897d1ff8963fde37697e6dc5d32e51ba.tar.gz | |
Validate presence of essential params for diff renderingissue_19096
This will avoid application errors generated by the assumption of the
presence of these params.
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/projects/blob_controller.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb index cd8b2911674..7599fec3cdf 100644 --- a/app/controllers/projects/blob_controller.rb +++ b/app/controllers/projects/blob_controller.rb @@ -16,6 +16,7 @@ class Projects::BlobController < Projects::ApplicationController before_action :from_merge_request, only: [:edit, :update] before_action :require_branch_head, only: [:edit, :update] before_action :editor_variables, except: [:show, :preview, :diff] + before_action :validate_diff_params, only: :diff def new commit unless @repository.empty? @@ -146,4 +147,10 @@ class Projects::BlobController < Projects::ApplicationController file_content_encoding: params[:encoding] } end + + def validate_diff_params + if [:since, :to, :offset].any? { |key| params[key].blank? } + render nothing: true + end + end end |