Loading app/helpers/application_settings_helper.rb +1 −0 Original line number Diff line number Diff line Loading @@ -160,6 +160,7 @@ def visible_attributes :akismet_api_key, :akismet_enabled, :allow_local_requests_from_hooks_and_services, :dns_rebinding_protection_enabled, :archive_builds_in_human_readable, :authorized_keys_enabled, :auto_devops_enabled, Loading app/models/application_setting_implementation.rb +1 −0 Original line number Diff line number Diff line Loading @@ -21,6 +21,7 @@ def defaults after_sign_up_text: nil, akismet_enabled: false, allow_local_requests_from_hooks_and_services: false, dns_rebinding_protection_enabled: true, authorized_keys_enabled: true, # TODO default to false if the instance is configured to use AuthorizedKeysCommand container_registry_token_expire_delay: 5, default_artifacts_expire_in: '30 days', Loading app/views/admin/application_settings/_outbound.html.haml +8 −0 Original line number Diff line number Diff line Loading 
@@ -8,4 +8,12 @@ = f.label :allow_local_requests_from_hooks_and_services, class: 'form-check-label' do Allow requests to the local network from hooks and services .form-group .form-check = f.check_box :dns_rebinding_protection_enabled, class: 'form-check-input' = f.label :dns_rebinding_protection_enabled, class: 'form-check-label' do = _('Enforce DNS rebinding attack protection') %span.form-text.text-muted = _('Resolves IP addresses once and uses them to submit requests') = f.submit 'Save changes', class: "btn btn-success" db/migrate/20190529142545_add_dns_rebinding_protection_enabled_to_application_settings.rb 0 → 100644 +23 −0 Original line number Diff line number Diff line # frozen_string_literal: true # See http://doc.gitlab.com/ce/development/migration_style_guide.html # for more information on how to write migrations for GitLab. class AddDnsRebindingProtectionEnabledToApplicationSettings < ActiveRecord::Migration[5.1] include Gitlab::Database::MigrationHelpers DOWNTIME = false disable_ddl_transaction! def up add_column_with_default(:application_settings, :dns_rebinding_protection_enabled, :boolean, default: true, allow_null: false) end def down remove_column(:application_settings, :dns_rebinding_protection_enabled) end end db/schema.rb +2 −1 Original line number Diff line number Diff line Loading @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. ActiveRecord::Schema.define(version: 20190524062810) do ActiveRecord::Schema.define(version: 20190529142545) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" Loading Loading 
@@ -193,6 +193,7 @@ t.integer "elasticsearch_replicas", default: 1, null: false t.text "encrypted_lets_encrypt_private_key" t.text "encrypted_lets_encrypt_private_key_iv" t.boolean "dns_rebinding_protection_enabled", default: true, null: false t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id", using: :btree end Loading Loading
app/helpers/application_settings_helper.rb +1 −0 Original line number Diff line number Diff line Loading @@ -160,6 +160,7 @@ def visible_attributes :akismet_api_key, :akismet_enabled, :allow_local_requests_from_hooks_and_services, :dns_rebinding_protection_enabled, :archive_builds_in_human_readable, :authorized_keys_enabled, :auto_devops_enabled, Loading
app/models/application_setting_implementation.rb +1 −0 Original line number Diff line number Diff line Loading @@ -21,6 +21,7 @@ def defaults after_sign_up_text: nil, akismet_enabled: false, allow_local_requests_from_hooks_and_services: false, dns_rebinding_protection_enabled: true, authorized_keys_enabled: true, # TODO default to false if the instance is configured to use AuthorizedKeysCommand container_registry_token_expire_delay: 5, default_artifacts_expire_in: '30 days', Loading
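Review bot: The new entry `dns_rebinding_protection_enabled: true` in `defaults` has no comment saying what the flag guards, although it is a security control that ships enabled. A short comment would help the next maintainer keep it that way, for example `# Pin the validated IP for outbound requests; turning this off re-opens the gap between URL validation and connect`. It would also help to state how it relates to `allow_local_requests_from_hooks_and_services` on the line above, since the code that reads either setting is not in the sections visible here. The body of `defaults` starts and ends outside this hunk.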
app/views/admin/application_settings/_outbound.html.haml +8 −0 Original line number Diff line number Diff line Loading @@ -8,4 +8,12 @@ = f.label :allow_local_requests_from_hooks_and_services, class: 'form-check-label' do Allow requests to the local network from hooks and services .form-group .form-check = f.check_box :dns_rebinding_protection_enabled, class: 'form-check-input' = f.label :dns_rebinding_protection_enabled, class: 'form-check-label' do = _('Enforce DNS rebinding attack protection') %span.form-text.text-muted = _('Resolves IP addresses once and uses them to submit requests') = f.submit 'Save changes', class: "btn btn-success"
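Review bot: The help text under the new checkbox, `Resolves IP addresses once and uses them to submit requests`, describes the mechanism but not what an administrator gives up by unticking it. With the pin disabled, a hostname that passed validation could presumably resolve to a different, internal address by the time the request is sent, which is the gap the label's "DNS rebinding attack protection" refers to. I would say so in the text, for example `= _('Resolves each hostname once and sends the request to that validated address, so a later DNS answer cannot redirect it to an internal host')`.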
db/migrate/20190529142545_add_dns_rebinding_protection_enabled_to_application_settings.rb 0 → 100644 +23 −0 Original line number Diff line number Diff line # frozen_string_literal: true # See http://doc.gitlab.com/ce/development/migration_style_guide.html # for more information on how to write migrations for GitLab. class AddDnsRebindingProtectionEnabledToApplicationSettings < ActiveRecord::Migration[5.1] include Gitlab::Database::MigrationHelpers DOWNTIME = false disable_ddl_transaction! def up add_column_with_default(:application_settings, :dns_rebinding_protection_enabled, :boolean, default: true, allow_null: false) end def down remove_column(:application_settings, :dns_rebinding_protection_enabled) end end
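Review bot: `disable_ddl_transaction!` carries no comment explaining why it is required, so someone copying this migration may drop it. A line above it such as `# add_column_with_default backfills existing rows and cannot run inside a DDL transaction` would make the dependency explicit. Because `up` backfills `true` on every existing row, upgraded instances get the protection switched on without admin action. That is the safe direction, but it probably changes how outbound hook and service requests resolve hosts, so it deserves a line in the upgrade notes.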
db/schema.rb +2 −1 Original line number Diff line number Diff line Loading @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. ActiveRecord::Schema.define(version: 20190524062810) do ActiveRecord::Schema.define(version: 20190529142545) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" Loading Loading @@ -193,6 +193,7 @@ t.integer "elasticsearch_replicas", default: 1, null: false t.text "encrypted_lets_encrypt_private_key" t.text "encrypted_lets_encrypt_private_key_iv" t.boolean "dns_rebinding_protection_enabled", default: true, null: false t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id", using: :btree end Loading