debian-mirror-gitlab/lib/gitlab/octokit/middleware.rb

# frozen_string_literal: true

module Gitlab
  module Octokit
    class Middleware
      def initialize(app)
        @app = app
      end

      def call(env)
        Gitlab::UrlBlocker.validate!(env[:url],
          schemes: %w[http https],
          allow_localhost: allow_local_requests?,
          allow_local_network: allow_local_requests?,
          dns_rebind_protection: dns_rebind_protection?
        )

        @app.call(env)
      end

      private

      def dns_rebind_protection?
        Gitlab::CurrentSettings.dns_rebinding_protection_enabled?
      end

      def allow_local_requests?
        Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
      end
    end
  end
end
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`# frozen_string_literal: true`

			`module Gitlab`
			`module Octokit`
			`class Middleware`
			`def initialize(app)`
			`@app = app`
			`end`

			`def call(env)`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`Gitlab::UrlBlocker.validate!(env[:url],`
			`schemes: %w[http https],`
			`allow_localhost: allow_local_requests?,`
New upstream version 15.11.6+ds1 2023-06-20 00:43:36 +05:30			`allow_local_network: allow_local_requests?,`
			`dns_rebind_protection: dns_rebind_protection?`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`)`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30
			`@app.call(env)`
			`end`

			`private`

New upstream version 15.11.6+ds1 2023-06-20 00:43:36 +05:30			`def dns_rebind_protection?`
			`Gitlab::CurrentSettings.dns_rebinding_protection_enabled?`
			`end`

New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`def allow_local_requests?`
New upstream version 12.2.8 2019-10-12 21:52:04 +05:30			`Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`end`
			`end`
			`end`
			`end`