summaryrefslogtreecommitdiff
path: root/app/validators
Commit message (Collapse)AuthorAgeFilesLines
* Avoid checking the user format in every url validationFrancisco Javier López2018-06-111-3/+11
|
* Add validation to webhook and service URLs to ensure they are not blocked ↵Francisco Javier López2018-06-015-95/+71
| | | | because of SSRF
* Rename allow_private_networks to allow_local_networkDouwe Maan2018-04-021-5/+3
|
* Raise more descriptive errors when URLs are blockedDouwe Maan2018-04-021-2/+4
|
* Adds validators and rack cookie helperJames Edwards-Jones2018-04-022-0/+16
| | | | | These changes are backported from EE, related to SAML settings in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4549
* Add HTTPS-only pagesRob Watson2018-03-221-2/+0
| | | | Closes #28857
* Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6'Douwe Maan2018-03-211-1/+1
| | | | | Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337
* Projects and groups badges APIFrancisco Javier López2018-03-051-0/+32
|
* Skip variables duplicates validator if variable is already a duplicateMatija Čupić2018-02-221-0/+2
|
* Improve validation message and add changelogmc/fix/project-variables-scopeKamil Trzciński2018-02-141-1/+1
|
* Refactor variable duplicates error messageMatija Čupić2018-02-141-1/+1
|
* Add more information in variable_duplicates validator error messageMatija Čupić2018-02-131-1/+3
|
* Refactor outer anonymous function into a do blockMatija Čupić2018-02-131-1/+3
|
* Disable public send cop in variables duplicates validatorMatija Čupić2018-02-131-1/+1
|
* Extend variables_duplicates validator with scope handlingMatija Čupić2018-02-131-2/+13
|
* Validate User username only on Namespace, and bubble up appropriatelyDouwe Maan2018-02-064-28/+1
|
* Second iteration of Move Kubernetes from service to Cluster pageFilipa Lacerda2017-12-051-5/+5
|
* Adds Rubocop rule for line break after guard clauseJacopo2017-11-162-0/+2
| | | | Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
* Merge branch 'refactor-clusters' into 'master'Grzegorz Bizon2017-11-061-0/+24
|\ | | | | | | | | Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform See merge request gitlab-org/gitlab-ce!14879
| * specs for models. Improved details.Shinya Maeda2017-10-301-1/+1
| |
| * This worksShinya Maeda2017-10-231-0/+24
| |
* | Reallow project paths ending in periodsdm-reallow-project-path-ending-in-periodDouwe Maan2017-11-065-53/+91
|/
* Move the key restriction validation to its own classNick Thomas2017-08-301-0/+29
|
* Implement ayufan validator2Shinya Maeda2017-07-061-0/+13
|
* Implement ayufan validatorShinya Maeda2017-07-061-37/+0
|
* Revert "Implement Ci::NestedUniquenessValidator"Shinya Maeda2017-07-061-0/+37
| | | | This reverts commit 8f0a2b6d780347a5ce258ac1a6a6902ce9695ca1.
* Implement Ci::NestedUniquenessValidatorShinya Maeda2017-07-051-37/+0
|
* Implement uniqueness_of_in_memory_validatorShinya Maeda2017-07-051-0/+37
|
* Rebuild the dynamic path before validating itbvl-validate-path-updateBob Van Landuyt2017-06-211-1/+1
| | | | | Otherwise we won't validate updates to the path. Allowing users to change the path to something that's not allowed.
* Rename `Gitlab::Git::EncodingHelper` to `Gitlab::EncodingHelper`Bob Van Landuyt2017-06-011-1/+1
|
* Avoid crash when trying to parse string with invalid UTF-8 sequenceBob Van Landuyt2017-05-301-0/+5
|
* Revert "Remove changes that are not absolutely necessary"Douwe Maan2017-05-241-8/+14
| | | This reverts commit b0498c176fa134761d899c9b369be12f1ca789c5
* Remove changes that are not absolutely necessarydm-fix-routesDouwe Maan2017-05-231-14/+8
|
* Fix ambiguous routing issues by teaching router about reserved wordsDouwe Maan2017-05-231-191/+24
|
* Reject EE reserved namespace paths in CE as wellbvl-reject-ee-namespace-namesBob Van Landuyt2017-05-041-0/+7
|
* Don't validate reserved words if the format doesn't match30272-bvl-reject-more-namespacesBob Van Landuyt2017-05-021-0/+1
| | | | | | Because it also won't match the sophisticated format we have for detecting reserved names. We don't want to confuse the user with 2 error messages
* Update commentsBob Van Landuyt2017-05-021-5/+18
|
* Update path validation & specsBob Van Landuyt2017-05-021-13/+18
|
* Reuse Gitlab::Regex.full_namespace_regex in the DynamicPathValidatorBob Van Landuyt2017-05-021-25/+18
|
* Reject group-routes as names of child namespacesBob Van Landuyt2017-05-011-18/+71
|
* Reject paths following namespace for paths including 2 `*`Bob Van Landuyt2017-05-011-2/+2
| | | | | Reject the part following `/*namespace_id/:project_id` for paths containing 2 wildcard parameters
* Allow `graphs` & `refs` project namesBob Van Landuyt2017-05-011-2/+0
|
* Minor style adjustmentsBob Van Landuyt2017-05-011-21/+39
|
* Use `%r{}` regexes to avoid having to escape `/`Bob Van Landuyt2017-05-011-1/+1
|
* The dynamic path validator can block out partial pathsBob Van Landuyt2017-05-011-33/+24
| | | | So we can block `objects` only when it is contained in `info/lfs` or `gitlab-lfs`
* Make path validation case-insensitiveBob Van Landuyt2017-05-011-0/+1
|
* Reject `-` as a pathBob Van Landuyt2017-05-011-0/+1
|
* Rename `NamespaceValidator` to `DynamicPathValidator`Bob Van Landuyt2017-05-011-3/+6
| | | | This reflects better that it validates paths instead of a namespace model
* Use the namespace validator for validating all pathsBob Van Landuyt2017-05-011-27/+0
| | | | | Since the namespacevalidator now knows the difference between a top-level and another path, this could all be handled there.
* Check `has_parent?` for determining validation typeBob Van Landuyt2017-05-011-3/+3
|
View Lorry Controller Status