Disallow reserved domains from being verified
What does this MR do and why?
Disallow reserved domains from being verified using domain verification. We have list of reserved domains for the feature Restrict group access by domain feature. We are extending the list and use the same list for gitlab custom domain feature The new list of reserved domains are
'aol.com', 'gmail.com', 'hotmail.co.uk', 'hotmail.com', 'hotmail.fr', 'icloud.com', 'live.com', 'mail.com', 'me.com', 'msn.com', 'outlook.com', 'proton.me', 'protonmail.com', 'tutanota.com', 'yahoo.com', 'yandex.com', 'zohomail.com'
A post migration script is added to delete existing records as these records can exist in existing database as unverified. You can find more reasoning from the @bdenkovych
's comment
Screenshots or screen recordings
How to set up and validate locally
- Simulate SaSS
- Go to group settings page
- Try to verify a reserved domain, eg gmail.com
- Ensure that form is showing validation message
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #403362 (closed)
Edited by Aboobacker MK