Merge branch 'sh-fix-hipchat-ssrf' into 'master'

[master] Prevent SSRF attacks in HipChat integration See merge request gitlab/gitlabhq!2530
author: Jan Provaznik <jprovaznik@gitlab.com> 2018-10-29 16:05:25 +0000
committer: Jan Provaznik <jprovaznik@gitlab.com> 2018-10-29 16:05:25 +0000
commit: 107351e07a69d94cd9aa27ca3439b1d79845fdc5 (patch)
tree: c9f7e79ee5f273706242e6302a96a146a36cebac /config
parent: a632452d3b6ec69b803d531dd04e3947085261a0 (diff)
parent: 215feb642de94485d7644a532b6a9982d964d539 (diff)
download: gitlab-ce-107351e07a69d94cd9aa27ca3439b1d79845fdc5.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/config/initializers/hipchat_client_patch.rb b/config/initializers/hipchat_client_patch.rb
new file mode 100644
index 00000000000..aec265312bb
--- /dev/null
+++ b/config/initializers/hipchat_client_patch.rb
@@ -0,0 +1,14 @@
+# This monkey patches the HTTParty used in https://github.com/hipchat/hipchat-rb.
+module HipChat
+  class Client
+    connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter
+  end
+
+  class Room
+    connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter
+  end
+
+  class User
+    connection_adapter ::Gitlab::ProxyHTTPConnectionAdapter
+  end
+end
author	Jan Provaznik <jprovaznik@gitlab.com>	2018-10-29 16:05:25 +0000
committer	Jan Provaznik <jprovaznik@gitlab.com>	2018-10-29 16:05:25 +0000
commit	107351e07a69d94cd9aa27ca3439b1d79845fdc5 (patch)
tree	c9f7e79ee5f273706242e6302a96a146a36cebac /config
parent	a632452d3b6ec69b803d531dd04e3947085261a0 (diff)
parent	215feb642de94485d7644a532b6a9982d964d539 (diff)
download	gitlab-ce-107351e07a69d94cd9aa27ca3439b1d79845fdc5.tar.gz