    Extract GitLab Pages using RubyZip · 1a8100cf
    Kamil Trzciński authored
    RubyZip allows us to perform strong validation of
    expanded paths where we extract files.
    
    We introduce the following additional checks
    to extract routines:
    
    1. None of the path components can be symlinked,
    2. We drop privileges support for directories,
    3. Symlink source needs to point within the target directory,
       like `public/`,
    4. The symlink source needs to exist ahead of time.
Name
.github
.gitlab
app
bin
builds
changelogs
config
danger
db
doc
docker
fixtures/emojis
generator_templates
lib
locale
log
plugins/examples
public
qa
rubocop
scripts
shared
spec
symbol
tmp
vendor
.babelrc.js
.codeclimate.yml
.csscomb.json
.eslintignore
.eslintrc.yml
.foreman
.gitattributes
.gitignore
.gitlab-ci.yml
.haml-lint.yml
.mailmap
.nvmrc
.pkgr.yml
.prettierignore
.prettierrc
.rubocop.yml
.rubocop_todo.yml
.ruby-version
.scss-lint.yml
CHANGELOG.md
CONTRIBUTING.md
Dangerfile
Dockerfile.assets
GITALY_SERVER_VERSION
GITLAB_PAGES_VERSION
GITLAB_SHELL_VERSION
GITLAB_WORKHORSE_VERSION
Gemfile
Gemfile.lock
INSTALLATION_TYPE
LICENSE
MAINTENANCE.md
PHILOSOPHY.md
PROCESS.md
Procfile
README.md
Rakefile
VERSION
config.ru
docker-compose.yml
jest.config.js
package.json
yarn.lock