Add validation to webhook and service URLs to ensure they are not blocked because of SSRF

author: Francisco Javier López <fjlopez@gitlab.com> 2018-06-01 11:43:53 +0000
committer: Douwe Maan <douwe@gitlab.com> 2018-06-01 11:43:53 +0000
commit: 840f80d48b7d8363f171f6137cd9f1fbafb52bfc (patch)
tree: 612c6f9b846f9f2f3b44931db12557024c49ef66 /spec/requests
parent: e206e32881e4fbfcbe647d7b2ee713c99ef1bf99 (diff)
download: gitlab-ce-840f80d48b7d8363f171f6137cd9f1fbafb52bfc.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/spec/requests/api/commit_statuses_spec.rb b/spec/requests/api/commit_statuses_spec.rb
index f246bb79ab7..cd43bec35df 100644
--- a/spec/requests/api/commit_statuses_spec.rb
+++ b/spec/requests/api/commit_statuses_spec.rb
@@ -304,7 +304,7 @@ describe API::CommitStatuses do
         it 'responds with bad request status and validation errors' do
           expect(response).to have_gitlab_http_status(400)
           expect(json_response['message']['target_url'])
-            .to include 'must be a valid URL'
+            .to include 'is blocked: Only allowed protocols are http, https'
         end
       end
     end
author	Francisco Javier López <fjlopez@gitlab.com>	2018-06-01 11:43:53 +0000
committer	Douwe Maan <douwe@gitlab.com>	2018-06-01 11:43:53 +0000
commit	840f80d48b7d8363f171f6137cd9f1fbafb52bfc (patch)
tree	612c6f9b846f9f2f3b44931db12557024c49ef66 /spec/requests
parent	e206e32881e4fbfcbe647d7b2ee713c99ef1bf99 (diff)
download	gitlab-ce-840f80d48b7d8363f171f6137cd9f1fbafb52bfc.tar.gz