Skip to content

Outbound requests whitelist for local networks

Description

Problem

The problem is that, in light of the recent SSRF fix https://gitlab.com/gitlab-org/gitlab-ce/issues/15329, the current setting to restrict all outgoing requests to private IP4 and IPv6 address ranges may be too encompassing. For example, I want the SSRF resolved (and especially not allow requests to localhost), but I also want to allow requests to a handful of hosts on my private network.

Proposal

For controlling outbound requests, provide the option for a configurable whitelist.

Links / references

Edited by James Ritchey