Commit Graph

67 Commits

Author SHA1 Message Date
gfyoung c858f70d07 Enable frozen string for lib/gitlab/*.rb 2018-10-22 07:00:50 +00:00
Felipe Artur 32b88294d5 Allow multiple JIRA transition ids 2018-08-03 11:47:24 -03:00
Sean McGivern 0d9ef34a25 Add documentation and specs for webhook URL rewriting 2018-07-06 11:35:30 +01:00
Dylan Griffith 06c111ca8f Ensure users can't create environments with leading or trailing slashes (Fixes #39885) 2018-02-13 11:07:12 +11:00
Robert Speicher 72a57525a8 Merge branch 'ac/41346-xss-ci-job-output' into 'security-10-3'
[10.3] Fix XSS vulnerability in Pipeline job trace

See merge request gitlab/gitlabhq!2258

(cherry picked from commit 44caa80ed9a2514a74a5eeab10ff51849d64851b)

5f86f3ff Fix XSS vulnerability in Pipeline job trace
2018-01-16 17:04:38 -08:00
Grzegorz Bizon f3f606966d Merge branch 'check-environment-regex' into 'master'
Fix environment scope regex

See merge request gitlab-org/gitlab-ee!3641
2018-01-08 17:18:04 +09:00
Grzegorz Bizon f4df4f9e35 Update container repository path reference
We should allow to use double underscore in the path, and it seems that
our container repository path regexp was outdated.

See https://github.com/docker/distribution/blob/master/reference/regexp.go
2017-11-16 09:31:07 +01:00
Alessio Caiazza 91f8e734fe
Add CI build trace sections extractor 2017-10-05 15:42:25 +02:00
Shinya Maeda fe9fc0af75 Enfouce namespace for Kubernetes to lowercase 2017-08-22 15:12:27 +09:00
Grzegorz Bizon 59c808a636 Add a test for container repository name regexp 2017-07-19 10:52:03 +02:00
Grzegorz Bizon 9f36012e02 Fix docker tag reference routing constraints 2017-07-19 10:30:57 +02:00
Lin Jen-Shin d9435d6121 Backports for ee-2112
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2112
2017-07-06 16:25:03 +08:00
Tiago Botelho 1207d451ed Removes file_name_regex from Gitlab::Regex 2017-07-05 19:10:14 +01:00
Tiago Botelho d1e0b1b3a8 Allow creation of files and directories with spaces in web UI 2017-07-05 16:08:57 +01:00
Zeger-Jan van de Weg 5eb940da76 Replace invalid chars while seeding environments 2017-06-21 11:16:38 +00:00
Douwe Maan 43b1750892 Revert "Remove changes that are not absolutely necessary"
This reverts commit b0498c176f
2017-05-24 20:59:26 +00:00
Douwe Maan b0498c176f Remove changes that are not absolutely necessary 2017-05-23 20:38:35 -05:00
Douwe Maan 4345bb8c50 Fix ambiguous routing issues by teaching router about reserved words 2017-05-23 20:38:24 -05:00
Bob Van Landuyt c853dd6158 Reuse Gitlab::Regex.full_namespace_regex in the DynamicPathValidator 2017-05-02 09:13:41 +02:00
Douwe Maan d170133bde Refactor changing files in web UI 2017-04-20 00:37:44 +00:00
Grzegorz Bizon 1a47986b3d Check registry repository name against regexp
This regexp is extracted from Docker Distribution 2.4.1 docs, contains
additional `/` element that can be a separator of components.
2017-04-03 11:38:39 +02:00
Douwe Maan ad640bc5f9 Use Namespace#full_path instead of #path where appropriate 2017-02-23 17:55:01 -06:00
Dmitriy Zaporozhets 2c55fd0019 Add GFM support to nested groups
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2017-02-13 22:30:10 +02:00
blackst0ne ad977e8bb2 Allow to use + symbol in filenames 2017-01-15 19:48:35 +11:00
Nick Thomas 93a03cd92f Add an environment slug 2016-12-15 13:57:03 +00:00
Nick Thomas b7b83fe0c9 Introduce deployment services, starting with a KubernetesService 2016-12-14 21:06:26 +00:00
winniehell 61aa90ef20 Allow all alphanumeric characters in file names (!8002) 2016-12-13 09:13:06 +01:00
Dmitriy Zaporozhets 6683fdcfb0
Add nested groups support to the routing
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-11-23 14:08:36 +02:00
Dmitriy Zaporozhets 5949f398f7
Fix 500 error when group name ends with git
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-11-21 21:03:18 +02:00
Timothy Andrew 78b6d6624b Allow registering users where the username contains dots (.).
Javascript does not support the negative lookbehind assertion (?<!) used
in the Ruby regex (to disallow usernames ending in `.git` or `.atom`.

Getting the client side code to fully support this format is
non-trivial, since we'd either have to heavily complicate the
regex used, or modify the frontend code to support more complex
validation schemes (it currently uses HTML5 validations).

The pragmatic choice is to create a
`Gitlab::Regex::NAMESPACE_REGEX_STR_SIMPLE` regex to serve as a
Javascript-compatible version of `NAMESPACE_REGEX_STR`.

The client-side code will not display an error for usernames ending in
`.git` and `.atom`, but these will be caught by the server-side
validation.
2016-11-18 11:47:37 +05:30
Vincent Composieux af941732ed
Added ability to put emojis into repository name
Added ability to put emojis into repository name
2016-11-12 09:21:23 +01:00
Dmitriy Zaporozhets 7061131676
Refactor namespace regex
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-11-07 18:40:57 +02:00
Will Starms 4f1de5faac Correct namespace validation to forbid bad names #21077
Adds .git and .atom to the master namespace regex
Updates existing group tests and adds two new ones
Updates path cleaning to also forbid .atom
2016-10-07 13:46:59 -05:00
Robert Speicher 313f3181cc Remove trailing spaces from messages in Gitlab::Regex 2016-09-20 07:20:48 +03:00
Kamil Trzcinski 8fe05d83ac Fix validation regexs (+1 squashed commit)
Squashed commits:
[f9a9315] Use : to test invalid environment name
2016-09-19 10:07:15 +02:00
Kamil Trzcinski 223041fa1b Fix environments handling 2016-09-19 10:07:15 +02:00
Kamil Trzcinski a4638dddf2 Add support for dynamic environments
Environments that can have a URL with predefined CI variables.
2016-09-19 10:05:35 +02:00
Grzegorz Bizon 9e211091a8 Enable Style/EmptyLines cop, remove redundant ones 2016-07-01 21:56:17 +02:00
Kamil Trzcinski e8f09f02bf Validate environment name with regex 2016-06-14 13:04:21 +02:00
Kamil Trzcinski 5196f8e993 WIP 2016-05-08 22:50:30 +02:00
Kamil Trzcinski b0ddbaa07c Added docker registry view 2016-05-04 11:31:35 +02:00
James Lopez ae73e73bee Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce into fix/atom-url-issue 2016-02-02 15:15:59 +01:00
Jacob Vosmaer 72bd004b31 Allow "@" in file names and path 2016-02-01 16:20:49 +01:00
James Lopez eb51a4ac1b refactor previous test and add validation to project model 2016-01-29 15:35:21 +01:00
Ben Ford 3be9d2c422 Add ability to create directories in the editor
Simply type a name with a `/` directory separator and new directories
will be created. This does not do the fancy UI work that github.com
does, but it will get the job done.

I could not find tests for file creation, so I didn't add a test for
this slight behaviour modification. I did test directory traversals
though, using both absolute paths like `/tmp/foo.txt` and relative paths
like `../../foo.txt`. Neither case escaped the repository, though
attempting to traverse with a relative path resulted in a 500 error that
did not affect application stability upon reload.
2015-10-29 15:49:07 +01:00
Jakub Jirutka a1c01bc19b Fix (project_)name_regex to accept non-ASCII letters and dash 2015-04-27 16:38:47 +02:00
Douwe Maan 5f839770e7 Revert "Rename namespace_regex to namespace_path_regex."
This reverts commit c0116926c7.
2015-04-24 15:16:38 +02:00
Douwe Maan c0116926c7 Rename namespace_regex to namespace_path_regex. 2015-04-24 14:49:22 +02:00
Douwe Maan 1d2a5ee188 Revert "Revert disallowing usernames to end in period."
This reverts commit c75c6b840b.
2015-04-24 14:47:49 +02:00
Douwe Maan c75c6b840b Revert disallowing usernames to end in period. 2015-04-20 12:41:44 +02:00