Merge branch 'ac/41346-xss-ci-job-output' into 'security-10-3'

[10.3] Fix XSS vulnerability in Pipeline job trace See merge request gitlab/gitlabhq!2258 (cherry picked from commit 44caa80ed9a2514a74a5eeab10ff51849d64851b) 5f86f3ff Fix XSS vulnerability in Pipeline job trace
author: Robert Speicher <robert@gitlab.com> 2017-12-21 18:34:34 +0000
committer: Stan Hu <stanhu@gmail.com> 2018-01-16 17:04:38 -0800
commit: 72a57525a87b694799cd6406e8e8f117a902a890 (patch)
tree: bcca18e6a779039499a484fe8e9a69504a152017 /lib/gitlab/regex.rb
parent: 0424801ec8854167d17c76b68e6ae8c5b5a6a52a (diff)
download: gitlab-ce-72a57525a87b694799cd6406e8e8f117a902a890.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/gitlab/regex.rb b/lib/gitlab/regex.rb
index 0002c7da8f1..7ab85e1c35c 100644
--- a/lib/gitlab/regex.rb
+++ b/lib/gitlab/regex.rb
@@ -67,7 +67,7 @@ module Gitlab
     end
 
     def build_trace_section_regex
-      @build_trace_section_regexp ||= /section_((?:start)|(?:end)):(\d+):([^\r]+)\r\033\[0K/.freeze
+      @build_trace_section_regexp ||= /section_((?:start)|(?:end)):(\d+):([a-zA-Z0-9_.-]+)\r\033\[0K/.freeze
     end
   end
 end
author	Robert Speicher <robert@gitlab.com>	2017-12-21 18:34:34 +0000
committer	Stan Hu <stanhu@gmail.com>	2018-01-16 17:04:38 -0800
commit	72a57525a87b694799cd6406e8e8f117a902a890 (patch)
tree	bcca18e6a779039499a484fe8e9a69504a152017 /lib/gitlab/regex.rb
parent	0424801ec8854167d17c76b68e6ae8c5b5a6a52a (diff)
download	gitlab-ce-72a57525a87b694799cd6406e8e8f117a902a890.tar.gz