Skip to content

Add limit for wiki page content size

Markus Koller requested to merge 31176-wiki-page-size-validation into master

What does this MR do?

This adds a new validation to restrict the maximum size of a wiki page, which is only enforced when the content is updated.

The default limit is 50MB, and can be changed through the Rails console or the API.

Ref: #31176 (closed)

Migrations

20200713141854_add_wiki_page_max_content_bytes_to_application_settings.rb

db:migrate:up

$ rake db:migrate:up VERSION=20200713141854
== 20200713141854 AddWikiPageMaxContentBytesToApplicationSettings: migrating ==
-- add_column(:application_settings, :wiki_page_max_content_bytes, :bigint, {:default=>52428800, :null=>false})
   -> 0.0038s
== 20200713141854 AddWikiPageMaxContentBytesToApplicationSettings: migrated (0.0039s)

db:migrate:down

$ rake db:migrate:down VERSION=20200713141854
== 20200713141854 AddWikiPageMaxContentBytesToApplicationSettings: reverting ==
-- remove_column(:application_settings, :wiki_page_max_content_bytes, :bigint, {:default=>52428800, :null=>false})
   -> 0.0014s
== 20200713141854 AddWikiPageMaxContentBytesToApplicationSettings: reverted (0.0025s)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Markus Koller

Merge request reports