Add latest changes from gitlab-org/security/gitlab@15-4-stable-ee

3 files changed, 5 insertions, 3 deletions

diff --git a/lib/bulk_imports/common/pipelines/wiki_pipeline.rb b/lib/bulk_imports/common/pipelines/wiki_pipeline.rb
index 6900835b14d..0f92c1f1210 100644
--- a/lib/bulk_imports/common/pipelines/wiki_pipeline.rb
+++ b/lib/bulk_imports/common/pipelines/wiki_pipeline.rb
@@ -22,7 +22,7 @@ module BulkImports
           wiki = context.portable.wiki
           url = data[:url].sub("://", "://oauth2:#{context.configuration.access_token}@")
 
-          Gitlab::UrlBlocker.validate!(url, allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?)
+          Gitlab::UrlBlocker.validate!(url, schemes: %w[http https], allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?)
 
           wiki.ensure_repository
           wiki.repository.fetch_as_mirror(url)
diff --git a/lib/bulk_imports/projects/pipelines/repository_pipeline.rb b/lib/bulk_imports/projects/pipelines/repository_pipeline.rb
index f5ccc1dd922..a2b1f8c5176 100644
--- a/lib/bulk_imports/projects/pipelines/repository_pipeline.rb
+++ b/lib/bulk_imports/projects/pipelines/repository_pipeline.rb
@@ -21,7 +21,7 @@ module BulkImports
           url = url.sub("://", "://oauth2:#{context.configuration.access_token}@")
           project = context.portable
 
-          Gitlab::UrlBlocker.validate!(url, allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?)
+          Gitlab::UrlBlocker.validate!(url, schemes: %w[http https], allow_local_network: allow_local_requests?, allow_localhost: allow_local_requests?)
 
           project.ensure_repository
           project.repository.fetch_as_mirror(url)
diff --git a/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline.rb b/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline.rb
index 6d423717a51..e29601927be 100644
--- a/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline.rb
+++ b/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline.rb
@@ -55,7 +55,9 @@ module BulkImports
           Gitlab::UrlBlocker.validate!(
             url,
             allow_local_network: allow_local_requests?,
-            allow_localhost: allow_local_requests?)
+            allow_localhost: allow_local_requests?,
+            schemes: %w[http https]
+          )
         end
 
         def cleanup_snippet_repository(snippet)