diff options
author | Thong Kuah <tkuah@gitlab.com> | 2019-04-11 06:29:07 +0000 |
---|---|---|
committer | James Lopez <james@gitlab.com> | 2019-04-11 06:29:07 +0000 |
commit | d119d3d1b25aac661e6251addf87b280bd37f0c5 (patch) | |
tree | aeaf0d9503326ec7f51968e8d1de48d83ce90503 /lib | |
parent | 79bf4bdaad438dc0f82771b102f3c07225a428da (diff) | |
download | gitlab-ce-d119d3d1b25aac661e6251addf87b280bd37f0c5.tar.gz |
Align UrlValidator to validate_url gem implementation.
Renamed UrlValidator to AddressableUrlValidator to avoid 'url:' naming collision with ActiveModel::Validations::UrlValidator in 'validates' statement.
Make use of the options attribute of the parent class ActiveModel::EachValidator.
Add more options: allow_nil, allow_blank, message.
Renamed 'protocols' option to 'schemes' to match the option naming from UrlValidator.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/import_export/after_export_strategies/web_upload_strategy.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/url_blocker.rb | 10 |
2 files changed, 6 insertions, 6 deletions
diff --git a/lib/gitlab/import_export/after_export_strategies/web_upload_strategy.rb b/lib/gitlab/import_export/after_export_strategies/web_upload_strategy.rb index b30900f7c61..fcf6a25ab00 100644 --- a/lib/gitlab/import_export/after_export_strategies/web_upload_strategy.rb +++ b/lib/gitlab/import_export/after_export_strategies/web_upload_strategy.rb @@ -8,7 +8,7 @@ module Gitlab POST_METHOD = 'POST'.freeze INVALID_HTTP_METHOD = 'invalid. Only PUT and POST methods allowed.'.freeze - validates :url, url: true + validates :url, addressable_url: true validate do unless [PUT_METHOD, POST_METHOD].include?(http_method.upcase) diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb index 9b7b0db9525..641ba70ef83 100644 --- a/lib/gitlab/url_blocker.rb +++ b/lib/gitlab/url_blocker.rb @@ -8,7 +8,7 @@ module Gitlab BlockedUrlError = Class.new(StandardError) class << self - def validate!(url, ports: [], protocols: [], allow_localhost: false, allow_local_network: true, ascii_only: false, enforce_user: false, enforce_sanitization: false) + def validate!(url, ports: [], schemes: [], allow_localhost: false, allow_local_network: true, ascii_only: false, enforce_user: false, enforce_sanitization: false) return true if url.nil? # Param url can be a string, URI or Addressable::URI @@ -20,7 +20,7 @@ module Gitlab return true if internal?(uri) port = get_port(uri) - validate_protocol!(uri.scheme, protocols) + validate_scheme!(uri.scheme, schemes) validate_port!(port, ports) if ports.any? validate_user!(uri.user) if enforce_user validate_hostname!(uri.hostname) @@ -85,9 +85,9 @@ module Gitlab raise BlockedUrlError, "Only allowed ports are #{ports.join(', ')}, and any over 1024" end - def validate_protocol!(protocol, protocols) - if protocol.blank? || (protocols.any? && !protocols.include?(protocol)) - raise BlockedUrlError, "Only allowed protocols are #{protocols.join(', ')}" + def validate_scheme!(scheme, schemes) + if scheme.blank? || (schemes.any? && !schemes.include?(scheme)) + raise BlockedUrlError, "Only allowed schemes are #{schemes.join(', ')}" end end |