Diffstat (limited to 'db')
-rw-r--r-- | db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb b/db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb
new file mode 100644
index 00000000000..ff5510e8eb7
--- /dev/null
+++ b/db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class MigrateForbiddenRedirectUris < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ DOWNTIME = false
+ FORBIDDEN_SCHEMES = %w[data:// vbscript:// javascript://]
+ NEW_URI = 'http://forbidden-scheme-has-been-overwritten'
+
+ disable_ddl_transaction!
+
+ def up
+ update_forbidden_uris(:oauth_applications)
+ update_forbidden_uris(:oauth_access_grants)
+ end
+
+ def down
+ # noop
+ end
+
+ private
+
+ def update_forbidden_uris(table_name)
+ update_column_in_batches(table_name, :redirect_uri, NEW_URI) do |table, query|
+ where_clause = FORBIDDEN_SCHEMES.map do |scheme|
+ table[:redirect_uri].matches("#{scheme}%")
+ end.inject(&:or)
+
+ query.where(where_clause)
+ end
+ end
+end |
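Review bot: The filter in `update_forbidden_uris` only matches rows whose `redirect_uri` value begins with a forbidden scheme, because the pattern is `"#{scheme}%"`. If the column can hold several whitespace- or newline-separated URIs (as Doorkeeper permits for applications; not visible in this diff), a forbidden entry after the first one survives the migration. The entries in `FORBIDDEN_SCHEMES` also require `//`, so a stored value such as `javascript:` followed directly by script would not match; dropping the slashes from the list (`%w[data: vbscript: javascript:]`) would cover that, if the new validator rejects those forms too. Since `down` is a no-op and the whole value is overwritten with `NEW_URI`, I would also add a comment above `def down` such as `# irreversible: original redirect_uri values are not preserved`, and consider logging the affected row ids before the update so owners of the rewritten applications can be notified.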