Show tooltip for malicious looking links

Such as those with IDN homographs or embedded right-to-left (RTLO) characters. Autolinked hrefs should be escaped
author: Brett Walker <bwalker@gitlab.com> 2019-01-14 16:57:54 -0600
committer: Yorick Peterse <yorickpeterse@gmail.com> 2019-01-31 16:52:20 +0100
commit: 40983f4a9c960bac4eb59a54816ae63177015c51 (patch)
tree: 6d4a085affdd9af4dd351f4b69b044549b93da28 /changelogs
parent: b3c13bbb3c62c90dbb9a606b27699df8d681cec3 (diff)
download: gitlab-ce-40983f4a9c960bac4eb59a54816ae63177015c51.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-2769-idn-homograph-attack.yml b/changelogs/unreleased/security-2769-idn-homograph-attack.yml
new file mode 100644
index 00000000000..a014b522c96
--- /dev/null
+++ b/changelogs/unreleased/security-2769-idn-homograph-attack.yml
@@ -0,0 +1,5 @@
+---
+title: Make potentially malicious links more visible in the UI and scrub RTLO chars from links
+merge_request: 2770
+author:
+type: security
author	Brett Walker <bwalker@gitlab.com>	2019-01-14 16:57:54 -0600
committer	Yorick Peterse <yorickpeterse@gmail.com>	2019-01-31 16:52:20 +0100
commit	40983f4a9c960bac4eb59a54816ae63177015c51 (patch)
tree	6d4a085affdd9af4dd351f4b69b044549b93da28 /changelogs
parent	b3c13bbb3c62c90dbb9a606b27699df8d681cec3 (diff)
download	gitlab-ce-40983f4a9c960bac4eb59a54816ae63177015c51.tar.gz