BigW Consortium Gitlab
Fix note attachments XSS and access control Replaces the reverted #1528, as proposed in https://gitlab.com/gitlab-org/omnibus-gitlab/issues/434, as discussed with @dzaporozhets and as summarized in #2032. @marin Could you take a look at the nginx config and apply it to Omnibus once this gets merged? See merge request !1553