Fix bug by encoding security policy URIs
What does this MR do and why?
Fix bug by encoding security policy URIs
- for security policies whose name contain characters that should
be encoded (e.g.
/), those characters were not being encoded leading to 404s - encode special characters for URI
- Update encoding of merge request settings patg
- scan result edit path needed encoding for slashes
- update tests
Changelog: fixed
EE: true
Related to #360482 (closed)
Screenshots or screen recordings
| Page | Before | After |
|---|---|---|
Scan Execution from Security & Compliances => Policies
|
 |
 |
Scan Result from project => Settings => General => Merge request approvals
|
 |
 |
How to set up and validate locally
- Upload a GitLab Ultimate license
- Navigate to a project =>
Security & Compliance=>Policies=>New policy - Create a policy with all sorts of weird characters (e.g. /, -, , etcetera)
- Save the policy and merge the resulting MR
- Navigate back to the project =>
Security & Compliance=>Policies=> select newly created policy =>Edit policy - Ensure there isn't a 404
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Merge request reports
Activity
assigned to @aturinske
Resolved by Ezekiel Kigbo@zmartins can you review this? Thanks
- Last reply by Alexander Turinske
requested review from @zmartins
Suggested Reviewers (beta)
This is an experimental ML-based code reviewer recommendation system created by ~"group::applied ml".
The individuals below may be good candidates to participate in the review based on various factors.
After you review all recommendations, please assign reviewers manually, as this is not done automatically.
You can use slash commands in comments to quickly assign
/assign_reviewer @user1.Reviewers @farias-gl,@dpisek,@svedova,@aturinske,@cngoIf you do not believe these recommendations are useful or if you do not want to use any of the suggestions, please apply the label Bad Suggested Reviewer. You can also provide feedback for this feature on this issue:
https://gitlab.com/gitlab-org/gitlab/-/issues/357923.Automatically generated by Suggested Reviewers Bot
Edited by GitLab Reviewer-Recommender BotReviewer roulette
Changes that require review have been detected!
Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:
Category Reviewer Maintainer frontend Diana Zubova ( @dzubova) (UTC+2, 7 hours ahead of@aturinske)Miguel Rincon ( @mrincon) (UTC+2, 7 hours ahead of@aturinske)To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.
Generated by
changed milestone to %15.0
Bundle size analysis [beta]
This compares changes in bundle size for entry points between the commits 604c84fc and b8591e7d
Entrypoint / Name Size before Size after Diff Diff in percent average 3.45 MB 3.45 MB - -0.0 % mainChunk 1.93 MB 1.93 MB - 0.0 % 
Expand
Entrypoint / Name Size before Size after Diff Diff in percent pages.admin.runners.show 1.07 MB 1007.87 KB -87.28 KB -8.0 %
Please look at the full report for more details
Read more about how this report works.
Generated by
Allure report
allure-report-publishergenerated test report!review-qa-blocking:
expand test summary
+-------------------------------------------------------------------+ | suites summary | +----------------------+--------+--------+---------+-------+--------+ | | passed | failed | skipped | flaky | result | +----------------------+--------+--------+---------+-------+--------+ | Protect | 2 | 0 | 0 | 0 | ✅ | | Plan | 41 | 0 | 1 | 1 | ❗ | | Verify | 12 | 0 | 1 | 7 | ❗ | | Manage | 26 | 0 | 2 | 10 | ❗ | | Package | 24 | 0 | 1 | 24 | ❗ | | Configure | 0 | 0 | 1 | 0 | ➖ | | Create | 17 | 0 | 2 | 3 | ❗ | | Version sanity check | 0 | 0 | 1 | 0 | ➖ | +----------------------+--------+--------+---------+-------+--------+ | Total | 122 | 0 | 9 | 45 | ❗ | +----------------------+--------+--------+---------+-------+--------+added 198 commits
-
84d55b1c...bdf5fc56 - 197 commits from branch
master - e42ba046 - Fix bug by encoding security policy URIs
-
84d55b1c...bdf5fc56 - 197 commits from branch
@zmartins, thanks for approving this merge request.This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.
For more info, please refer to the following links:
added 1 commit
- b8591e7d - Update encoding of merge request settings path
requested review from @ekigbo
removed review request for @zmartins
Nice work @aturinske, great work on the fix
enabled an automatic merge when the pipeline for c1cef624 succeeds
mentioned in issue #357923 (closed)
mentioned in commit 3586627f
added workflowstaging-canary label and removed workflowrefinement label
added workflowcanary label and removed workflowstaging-canary label
added workflowstaging label and removed workflowcanary label
added workflowproduction label and removed workflowstaging label
added releasedcandidate label
added releasedpublished label and removed releasedcandidate label
