root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
gitlab-ce/spec/lib
History
Nick Thomas 69645389e9
Prevent a path traversal attack on global file templates 
The API permits path traversal characters like '../' to be passed down
to the template finder. Detect these requests and cause them to fail
with a 500 response code.
 		2018-12-05 14:12:35 +00:00
..
api
backup
banzai Merge branch 'security-xss-in-markdown-following-unrecognized-html-element' into 'master' 2018-11-28 19:09:35 -05:00
bitbucket
bitbucket_server
constraints
container_registry
gitaly
gitlab Prevent a path traversal attack on global file templates 2018-12-05 14:12:35 +00:00
google_api
json_web_token Relocate JSONWebToken::HMACToken from EE 2018-11-13 08:36:57 +11:00
mattermost
microsoft_teams
object_storage
omni_auth/strategies
quality
rspec_flaky
system_check
after_commit_queue_spec.rb
event_filter_spec.rb
expand_variables_spec.rb
extracts_path_spec.rb Revert "Merge branch 'revert-e2aa2177' into 'master'" 2018-11-20 12:29:56 +00:00
feature_spec.rb
file_size_validator_spec.rb
forever_spec.rb
gitlab_spec.rb
milestone_array_spec.rb
system_check_spec.rb
uploaded_file_spec.rb