Geo route whitelisting is too optimistic

author: Brett Walker <brett@digitalmoksha.com> 2017-11-02 12:50:04 +0000
committer: Nick Thomas <nick@gitlab.com> 2017-11-02 12:50:04 +0000
commit: 2fd5cc2bff81ddcbce8381bb0c835d1d1717c0ed (patch)
tree: 3c96c95832a424316dd76d3fef36774d6fbe5b5a /lib/gitlab/middleware
parent: 506a4e7530854ec4f4775b8df96a272509a553ba (diff)
download: gitlab-ce-2fd5cc2bff81ddcbce8381bb0c835d1d1717c0ed.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/gitlab/middleware/read_only.rb b/lib/gitlab/middleware/read_only.rb
index 0de0cddcce4..8853dfa3d2d 100644
--- a/lib/gitlab/middleware/read_only.rb
+++ b/lib/gitlab/middleware/read_only.rb
@@ -12,6 +12,7 @@ module Gitlab
 
       def call(env)
         @env = env
+        @route_hash = nil
 
         if disallowed_request? && Gitlab::Database.read_only?
           Rails.logger.debug('GitLab ReadOnly: preventing possible non read-only operation')
@@ -77,11 +78,11 @@ module Gitlab
       end
 
       def grack_route
-        request.path.end_with?('.git/git-upload-pack')
+        route_hash[:controller] == 'projects/git_http' && route_hash[:action] == 'git_upload_pack'
       end
 
       def lfs_route
-        request.path.end_with?('/info/lfs/objects/batch')
+        route_hash[:controller] == 'projects/lfs_api' && route_hash[:action] == 'batch'
       end
     end
   end
author	Brett Walker <brett@digitalmoksha.com>	2017-11-02 12:50:04 +0000
committer	Nick Thomas <nick@gitlab.com>	2017-11-02 12:50:04 +0000
commit	2fd5cc2bff81ddcbce8381bb0c835d1d1717c0ed (patch)
tree	3c96c95832a424316dd76d3fef36774d6fbe5b5a /lib/gitlab/middleware
parent	506a4e7530854ec4f4775b8df96a272509a553ba (diff)
download	gitlab-ce-2fd5cc2bff81ddcbce8381bb0c835d1d1717c0ed.tar.gz