The source project of this merge request has been removed.
Don't block the avatar path for grafana in the nginx configuration
What does this MR do?
While using Grafana, I noticed that local avatars can no longer be loaded since version 13.0.1. According to the changelog, this was blocked for security reasons; I myself can't understand these reasons, since not everyone uses Gravatar and furthermore every local avatar is stored under a URL that is not easy to guess.
This merge request removes the configuration change from 0267a5e9 (See merge request gitlab-org/security/omnibus-gitlab!21) in NGINX that causes the blocking of the avatar path.
Related issues
Merge Request which should be reverted: gitlab-org/security/omnibus-gitlab!21
Checklist
See Definition of done.
-
Changelog entry created. Not applicable for Documentation changes and minor changes. -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA, if applicable -
MR targeting masterbranch -
MR has a green pipeline on GitLab.com -
Equivalent MR/issue for CNG opened if applicable -
trigger-packagehas a green pipeline running against latest commit
Reviewer Checklist
In addition to above, reviewer must:
-
Pipeline is green on dev.gitlab.org if the change is not touching documentation or internal cookbooks
Edited by Fabian Laule