Commit 921c704f authored by Brett Walker's avatar Brett Walker 🔴

Set asset_proxy_whitelist default to gitlab host

parent 700bdfc7
Pipeline #80506155 passed with stages
in 95 minutes and 8 seconds
---
title: Default the asset proxy whitelist to the installation domain
merge_request: 32703
author:
type: fixed
......@@ -44,7 +44,7 @@ module Banzai
Gitlab.config.asset_proxy['enabled'] = application_settings.asset_proxy_enabled
Gitlab.config.asset_proxy['url'] = application_settings.asset_proxy_url
Gitlab.config.asset_proxy['secret_key'] = application_settings.asset_proxy_secret_key
Gitlab.config.asset_proxy['whitelist'] = application_settings.asset_proxy_whitelist || [Gitlab.config.gitlab.host]
Gitlab.config.asset_proxy['whitelist'] = determine_whitelist(application_settings)
Gitlab.config.asset_proxy['domain_regexp'] = compile_whitelist(Gitlab.config.asset_proxy.whitelist)
else
Gitlab.config.asset_proxy['enabled'] = ::ApplicationSetting.defaults[:asset_proxy_enabled]
......@@ -57,6 +57,10 @@ module Banzai
escaped = domain_list.map { |domain| Regexp.escape(domain).gsub('\*', '.*?') }
Regexp.new("^(#{escaped.join('|')})$", Regexp::IGNORECASE)
end
def self.determine_whitelist(application_settings)
application_settings.asset_proxy_whitelist.presence || [Gitlab.config.gitlab.host]
end
end
end
end
......@@ -36,6 +36,17 @@ describe Banzai::Filter::AssetProxyFilter do
expect(Gitlab.config.asset_proxy.whitelist).to eq %w(gitlab.com *.mydomain.com)
expect(Gitlab.config.asset_proxy.domain_regexp).to eq /^(gitlab\.com|.*?\.mydomain\.com)$/i
end
context 'when whitelist is empty' do
it 'defaults to the install domain' do
stub_application_setting(asset_proxy_enabled: true)
stub_application_setting(asset_proxy_whitelist: [])
described_class.initialize_settings
expect(Gitlab.config.asset_proxy.whitelist).to eq [Gitlab.config.gitlab.host]
end
end
end
context 'when properly configured' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment