28 lines
976 B
Diff
28 lines
976 B
Diff
--- a/lib/gitlab/ci/config/node/validators.rb
|
|
+++ b/lib/gitlab/ci/config/node/validators.rb
|
|
@@ -48,10 +48,24 @@
|
|
include LegacyValidationHelpers
|
|
|
|
def validate_each(record, attribute, value)
|
|
- unless validate_string(value)
|
|
+ if validate_string(value)
|
|
+ validate_path(record, attribute, value)
|
|
+ else
|
|
record.errors.add(attribute, 'should be a string or symbol')
|
|
end
|
|
end
|
|
+
|
|
+ private
|
|
+
|
|
+ def validate_path(record, attribute, value)
|
|
+ path = CGI.unescape(value.to_s)
|
|
+
|
|
+ if path.include?('/')
|
|
+ record.errors.add(attribute, 'cannot contain the "/" character')
|
|
+ elsif path == '.' || path == '..'
|
|
+ record.errors.add(attribute, 'cannot be "." or ".."')
|
|
+ end
|
|
+ end
|
|
end
|
|
|
|
class TypeValidator < ActiveModel::EachValidator
|