diff options
| author | Thiago Presa <tpresa@gitlab.com> | 2018-10-23 02:19:41 +0000 |
|---|---|---|
| committer | Thiago Presa <tpresa@gitlab.com> | 2018-10-22 23:46:25 -0300 |
| commit | f17e36feab266a62b316bfe88d7d558c2debaf9b (patch) | |
| tree | d15c5b6477812110ae399a5078caaa69ee4d9697 /config/initializers/hipchat_client_patch.rb | |
| parent | 6ebbd70fbb3bfbda9745ad16ec1cd26ad41366c5 (diff) | |
| download | gitlab-ce-f17e36feab266a62b316bfe88d7d558c2debaf9b.tar.gz | |
Merge branch 'sh-block-other-localhost-11-4' into 'security-11-4'
[11.4] Prevent SSRF attacks in HipChat integration
See merge request gitlab/gitlabhq!2547
Diffstat (limited to 'config/initializers/hipchat_client_patch.rb')
| -rw-r--r-- | config/initializers/hipchat_client_patch.rb | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/config/initializers/hipchat_client_patch.rb b/config/initializers/hipchat_client_patch.rb new file mode 100644 index 00000000000..aec265312bb --- /dev/null +++ b/config/initializers/hipchat_client_patch.rb @@ -0,0 +1,14 @@ +# This monkey patches the HTTParty used in https://github.com/hipchat/hipchat-rb. +module HipChat + class Client + connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter + end + + class Room + connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter + end + + class User + connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter + end +end |