summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorJoern Schneeweisz <jschneeweisz@gitlab.com>2019-10-22 14:09:57 +0200
committerJoern Schneeweisz <jschneeweisz@gitlab.com>2019-10-22 14:11:26 +0200
commit4b38003d412c6982041c5c3b204d38ed7f53e299 (patch)
tree99ae22cf4562ebf32ae48cf579476b0ce443893c /app
parent1425a56c75beecaa289ad59587d636f8f469509e (diff)
downloadgitlab-ce-4b38003d412c6982041c5c3b204d38ed7f53e299.tar.gz
Use the '\A' and '\z' regex anchors in `InternalRedirect` to mitigate an Open Redirect issue.
Fixes https://dev.gitlab.org/gitlab/gitlabhq/issues/2934 and https://gitlab.com/gitlab-org/gitlab/issues/33569
Diffstat (limited to 'app')
-rw-r--r--app/controllers/concerns/internal_redirect.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/concerns/internal_redirect.rb b/app/controllers/concerns/internal_redirect.rb
index 99bbfd56516..a35bc19aa37 100644
--- a/app/controllers/concerns/internal_redirect.rb
+++ b/app/controllers/concerns/internal_redirect.rb
@@ -6,7 +6,7 @@ module InternalRedirect
def safe_redirect_path(path)
return unless path
# Verify that the string starts with a `/` and a known route character.
- return unless path =~ %r{^/[-\w].*$}
+ return unless path =~ %r{\A/[-\w].*\z}
uri = URI(path)
# Ignore anything path of the redirect except for the path, querystring and,