diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-07 18:07:34 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-07 18:07:34 +0000 |
commit | 8dafc3b65aeb8f50fdfc38fb98d96c3db9e2f607 (patch) | |
tree | ecc8ff28071e68108aea21380d80132e388d48bf /doc/security | |
parent | b4028d450087e97f26d4baa23e08396bcbabe3e0 (diff) | |
download | gitlab-ce-8dafc3b65aeb8f50fdfc38fb98d96c3db9e2f607.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/security')
-rw-r--r-- | doc/security/webhooks.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/security/webhooks.md b/doc/security/webhooks.md index cb9ad2b694c..d7baf786906 100644 --- a/doc/security/webhooks.md +++ b/doc/security/webhooks.md @@ -35,8 +35,8 @@ to endpoints like `http://localhost:123/some-resource/delete`. To prevent this type of exploitation from happening, starting with GitLab 10.6, all Webhook requests to the current GitLab instance server address and/or in a private network will be forbidden by default. That means that all requests made -to 127.0.0.1, ::1 and 0.0.0.0, as well as IPv4 10.0.0.0/8, 172.16.0.0/12, -192.168.0.0/16 and IPv6 site-local (ffc0::/10) addresses won't be allowed. +to `127.0.0.1`, `::1` and `0.0.0.0`, as well as IPv4 `10.0.0.0/8`, `172.16.0.0/12`, +`192.168.0.0/16` and IPv6 site-local (`ffc0::/10`) addresses won't be allowed. This behavior can be overridden by enabling the option *"Allow requests to the local network from web hooks and services"* in the *"Outbound requests"* section |