diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-01 12:09:17 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-01 12:09:17 +0000 |
commit | 7b2635a55d4e87431bae752bd44c6fd2d2657b03 (patch) | |
tree | 88182aabb51a167e10f6c3a6d404b2247613047f /lib/constraints | |
parent | a7704bf16a51a8c993215a69db17232e3f246b8e (diff) | |
download | gitlab-ce-7b2635a55d4e87431bae752bd44c6fd2d2657b03.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/constraints')
-rw-r--r-- | lib/constraints/project_url_constrainer.rb | 2 | ||||
-rw-r--r-- | lib/constraints/repository_redirect_url_constrainer.rb | 28 |
2 files changed, 29 insertions, 1 deletions
diff --git a/lib/constraints/project_url_constrainer.rb b/lib/constraints/project_url_constrainer.rb index 3e9cf2ab320..d41490d2ebd 100644 --- a/lib/constraints/project_url_constrainer.rb +++ b/lib/constraints/project_url_constrainer.rb @@ -4,7 +4,7 @@ module Constraints class ProjectUrlConstrainer def matches?(request, existence_check: true) namespace_path = request.params[:namespace_id] - project_path = request.params[:project_id] || request.params[:id] || request.params[:repository_id] + project_path = request.params[:project_id] || request.params[:id] full_path = [namespace_path, project_path].join('/') return false unless ProjectPathValidator.valid_path?(full_path) diff --git a/lib/constraints/repository_redirect_url_constrainer.rb b/lib/constraints/repository_redirect_url_constrainer.rb new file mode 100644 index 00000000000..44df670d8d3 --- /dev/null +++ b/lib/constraints/repository_redirect_url_constrainer.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +module Constraints + class RepositoryRedirectUrlConstrainer + def matches?(request) + path = request.params[:repository_path].delete_suffix('.git') + query = request.query_string + + git_request?(query) && container_path?(path) + end + + # Allow /info/refs, /info/refs?service=git-upload-pack, and + # /info/refs?service=git-receive-pack, but nothing else. + def git_request?(query) + query.blank? || + query == 'service=git-upload-pack' || + query == 'service=git-receive-pack' + end + + # Check if the path matches any known repository containers. + # These also cover wikis, since a `.wiki` suffix is valid in project/group paths too. + def container_path?(path) + NamespacePathValidator.valid_path?(path) || + ProjectPathValidator.valid_path?(path) || + path =~ Gitlab::PathRegex.full_snippets_repository_path_regex + end + end +end |