diff options
| author | Thong Kuah <tkuah@gitlab.com> | 2019-04-11 06:29:07 +0000 |
|---|---|---|
| committer | James Lopez <james@gitlab.com> | 2019-04-11 06:29:07 +0000 |
| commit | d119d3d1b25aac661e6251addf87b280bd37f0c5 (patch) | |
| tree | aeaf0d9503326ec7f51968e8d1de48d83ce90503 /lib/gitlab/url_blocker.rb | |
| parent | 79bf4bdaad438dc0f82771b102f3c07225a428da (diff) | |
| download | gitlab-ce-d119d3d1b25aac661e6251addf87b280bd37f0c5.tar.gz | |
Align UrlValidator to validate_url gem implementation.
Renamed UrlValidator to AddressableUrlValidator to avoid 'url:' naming collision with ActiveModel::Validations::UrlValidator in 'validates' statement.
Make use of the options attribute of the parent class ActiveModel::EachValidator.
Add more options: allow_nil, allow_blank, message.
Renamed 'protocols' option to 'schemes' to match the option naming from UrlValidator.
Diffstat (limited to 'lib/gitlab/url_blocker.rb')
| -rw-r--r-- | lib/gitlab/url_blocker.rb | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb index 9b7b0db9525..641ba70ef83 100644 --- a/lib/gitlab/url_blocker.rb +++ b/lib/gitlab/url_blocker.rb @@ -8,7 +8,7 @@ module Gitlab BlockedUrlError = Class.new(StandardError) class << self - def validate!(url, ports: [], protocols: [], allow_localhost: false, allow_local_network: true, ascii_only: false, enforce_user: false, enforce_sanitization: false) + def validate!(url, ports: [], schemes: [], allow_localhost: false, allow_local_network: true, ascii_only: false, enforce_user: false, enforce_sanitization: false) return true if url.nil? # Param url can be a string, URI or Addressable::URI @@ -20,7 +20,7 @@ module Gitlab return true if internal?(uri) port = get_port(uri) - validate_protocol!(uri.scheme, protocols) + validate_scheme!(uri.scheme, schemes) validate_port!(port, ports) if ports.any? validate_user!(uri.user) if enforce_user validate_hostname!(uri.hostname) @@ -85,9 +85,9 @@ module Gitlab raise BlockedUrlError, "Only allowed ports are #{ports.join(', ')}, and any over 1024" end - def validate_protocol!(protocol, protocols) - if protocol.blank? || (protocols.any? && !protocols.include?(protocol)) - raise BlockedUrlError, "Only allowed protocols are #{protocols.join(', ')}" + def validate_scheme!(scheme, schemes) + if scheme.blank? || (schemes.any? && !schemes.include?(scheme)) + raise BlockedUrlError, "Only allowed schemes are #{schemes.join(', ')}" end end |