Simplify SystemHookUrlValidator to inherit from PublicUrlValidator
Refactor specs to move out shared examples to be used in both
system hooks and public url validators.
This MR adds new application setting to network section
`allow_local_requests_from_system_hooks`. Prior to this change
system hooks were allowed to do local network requests by default
and we are adding an ability for admins to control it.
AES-256-GCM cipher mode requires a key that is exactly 32 bytes long.
We already handle the case when the key is too long, by truncating, but
the key can also be too short in some installations. Switching to a key
that is always exactly the right length (by virtue of right-padding
ASCII 0 characters) allows encryption to proceed, without breaking
backward compatibility.
When the key is too short, encryption fails with an `ArgumentError`,
causing the web hooks functionality to be unusable. As a result, zero
rows can exist with values encrypted with the too-short key.
When the key is too long, it is silently truncated. In this case, the
key is unchanged, so values encrypted with the new too-long key will
still be successfully decrypted.
Allow specificying a branch filter for a project hook and only trigger
a project hook if either the branch filter is blank or the branch matches.
Only supported for push_events for now.
Don't allow line breaks on HTTP headers
See merge request gitlab/gitlabhq!2277
(cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82)
073b8f9c Don't allow line breaks on HTTP headers
This is allowed for existing instances so we don't end up 76 offenses
right away, but for new code one should _only_ use this if they _have_
to remove non database data. Even then it's usually better to do this in
a service class as this gives you more control over how to remove the
data (e.g. in bulk).
* implemented logging of project and system web hooks
* implemented UI for user area (project hooks)
* implemented UI for admin area (system hooks)
* implemented retry of logged webhook
* NOT imeplemented log remover
Improve documentation and web test for web hooks
Tips and documentation of actual hook behavior. Improved user feedback
when testing hooks via the web UI.
See merge request !4015
In 8278b763d9 the default behaviour of annotation
has changes, which was causing a lot of noise in diffs. We decided in #17382
that it is better to get rid of the whole annotate gem, and instead let people
look at schema.rb for the columns in a table.
Fixes: #17382
If a Web hook test fails due to an SSL error or some other error, report
the result back to the user instead of an Error 500.
Closes#3656
Handle response
GitLab Bot
George Koltsov
Nick Thomas
Yorick Peterse
Duana Saskia
gfyoung
Francisco Javier López
Robert Speicher
Alexander Randa
Douwe Maan
Bob Van Landuyt
Gabriel Mazetto
Rémy Coutable
Douglas Barbosa Alexandre
Lin Jen-Shin
Jacob Vosmaer
Jeroen van Baarsen
Dmitriy Zaporozhets
Zeger-Jan van de Weg
Gabriel Mazetto
Kirilll Zaycev
Jason Lee
Stan Hu
Kamil Trzcinski
Robert Speicher
Valery Sizov
Valery Sizov