Skip to content

Add Outbound requests whitelist for local networks

Reuben Pereira requested to merge 44496-outbound_requests_whitelist into master

What does this MR do?

This MR is based on https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21377

This MR adds a whitelist that can be used to allow requests to certain IPs/domains on the local network when requests to the local network from hooks and services are disabled.

It allows the following types of entries in the whitelist:

  • Domains: domain.com, subdomain.domain.com
  • IPv4 and IPv6: 192.168.1.1, fe80::c800:eff:fe74:8
  • IP ranges: 127.0.0.0/28, 1:0:0:0:0:0:0:0/124

The following are not supported:

  • Domain wildcards: *.domain.com
  • Ports: 192.168.1.1:3000 (Do we need to support this?)

Issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/44496

Putting unicode values or HTML tags in the whitelist causes an error:

whitelist_validations

whitelist_validations

Does this MR meet the acceptance criteria?

Conformity

Performance and testing

Edited by 🤖 GitLab Bot 🤖

Merge request reports