| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Validate Wiki attachments are valid temporary files | Stan Hu | 2018-10-23 | 1 | -2/+2 |
| | | | | | | | | | | | A malicious attacker could craft a request to read arbitrary files on the system. This change adds a Grape validation to ensure that the tempfile parameter delivered by the Rack multipart uploader is a Tempfile type to prevent users from being able to specify arbitrary filenames. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53072 | ||||
| * | Enable frozen string in lib/api and lib/backup | gfyoung | 2018-09-29 | 1 | -0/+2 |
| | | | | | | | | | | | Partially addresses #47424. Had to make changes to spec files because stubbing methods on frozen objects is a mess in RSpec and leads to failures: https://github.com/rspec/rspec-mocks/issues/1190 | ||||
| * | Uploads to wiki stored inside the wiki git repository | Francisco Javier López | 2018-09-04 | 1 | -0/+31 |
| | | |||||
| * | Add API support for wiki pages | blackst0ne | 2017-09-07 | 1 | -0/+89 |
 |
index : delta/gitlab/gitlab-ce.git | |
| gitlab.com: gitlab-org/gitlab-ce.git |
| summaryrefslogtreecommitdiff |