delta/gitlab/gitlab-ce.git - gitlab.com: gitlab-org/gitlab-ce.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Enable Style/EmptyLines cop, remove redundant onesrubocop/enable-cops-for-empty-lines	Grzegorz Bizon	2016-07-01	1	-2/+0
\|
*	Merge branch 'rack-request-trusted-proxies' into 'master'	Douwe Maan	2016-06-30	1	-4/+8
\|\ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Make Rack::Request use our trusted proxies when filtering IP addresses ## What does this MR do? This allows us to control the trusted proxies while deployed in a private network. ## Are there points in the code the reviewer needs to double check? If we want to limit what is impacted, we can do this specifically for the rack_attack request object. ## Why was this MR needed? Normally Rack::Request will trust all private IPs as trusted proxies, which can cause problems if your users are connection on you network via private IP ranges. Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead. ## What are the relevant issue numbers? Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17550 ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - [ ] ~~API support added~~ - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) \cc @stanhu See merge request !4958
\| *	Make Rack::Request use our trusted proxies when filtering IP addressesrack-request-trusted-proxies	DJ Mountney	2016-06-29	1	-4/+8
\| \| \| \| \| \| \| \| \| \| \| \|	This allows us to control the trusted proxies while deployed in a private network. Normally Rack::Request will trust all private IPs as trusted proxies, which can caue problems if your users are connection on you network via private IP ranges. Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.
* \|	Refactor repository paths handling to allow multiple git mount points	Alejandro Rodríguez	2016-06-29	1	-0/+41
\|/
*	Fix settings_spec so that it can that run by itselffix-settings-spec	Stan Hu	2016-06-23	1	-0/+1
\|
*	Add tests for setting trusted_proxiestrusted-proxies-ip-addr	DJ Mountney	2016-05-04	1	-0/+51
\| \| \| \|	Each test reloads the trusted_proxies initializer, which in turn will set Rails.application.config.action_dispatch.trusted_proxies to something new. This will leak into the other tests, but the middleware that it is used in has already been loaded for the whole test suite, so it should have no impact.
*	Ensure Gravatar host looks like an actual hostfix-gravator-default-url	Rémy Coutable	2016-01-18	1	-0/+44