diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/initializers/workhorse_multipart.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/config/initializers/workhorse_multipart.rb b/config/initializers/workhorse_multipart.rb index 8de7140e3d4..84d809741c4 100644 --- a/config/initializers/workhorse_multipart.rb +++ b/config/initializers/workhorse_multipart.rb @@ -2,6 +2,12 @@ Rails.application.configure do |config| config.middleware.use(Gitlab::Middleware::Multipart) end +# The Gitlab::Middleware::Multipart middleware inserts instances of our +# own ::UploadedFile class in the Rack env of requests. These instances +# will be blocked by the 'strong parameters' feature of ActionController +# unless we somehow whitelist them. At the moment it seems the only way +# to do that is by monkey-patching. +# module Gitlab module StrongParameterScalars GITLAB_PERMITTED_SCALAR_TYPES = [::UploadedFile] |