BigW Consortium Gitlab

Commit 67f4501f by Rubén Dávila Committed by DJ Mountney

Merge branch 'ssrf' into 'security'

nil check for url_blocker? See merge request !2076
parent d0484837
...@@ -8,6 +8,8 @@ module Gitlab ...@@ -8,6 +8,8 @@ module Gitlab
VALID_PORTS = [22, 80, 443].freeze VALID_PORTS = [22, 80, 443].freeze
def blocked_url?(url) def blocked_url?(url)
return false if url.nil?
blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"] blocked_ips = ["127.0.0.1", "::1", "0.0.0.0"]
blocked_ips.concat(Socket.ip_address_list.map(&:ip_address)) blocked_ips.concat(Socket.ip_address_list.map(&:ip_address))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment