debian-mirror-gitlab/doc/security/user_file_uploads.md
2023-05-27 22:25:52 +05:30

4 KiB

type stage group info
reference Manage Authentication and Authorization To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments

User file uploads (FREE)

  • Enforced authorization checks introduced in GitLab 14.8 with a flag named enforce_auth_checks_on_uploads. Disabled by default.
  • Enforced authorization checks became generally available in GitLab 15.3. Feature flag enforce_auth_checks_on_uploads removed.
  • Project settings in the user interface introduced in GitLab 15.3.

In private or internal projects, GitLab restricts access to uploaded files (such as PDFs) to authenticated users only. By default, image files are not subject to the same restriction, and unauthenticated users can use the URL to view the file. If you enable authorization checks for all media files, images receive the same protection and are viewable only by authenticated users.

Users can upload files to issues, merge requests, or comments in a project. Direct URLs to these images in GitLab contain a random 32-character ID to help prevent unauthorized users from guessing image URLs. This randomization provides some protection if an image contains sensitive information.

Authentication checks for images can cause display issues in the body of notification emails. Emails are frequently read from clients (such as Outlook, Apple Mail, or your mobile device) not authenticated with GitLab. Images in emails appear broken and unavailable if the client is not authorized to GitLab.

Enable authorization checks for all media files

Non-image attachments (including PDFs) always require authentication to be viewed. You can use this setting to extend this protection to image files.

Prerequisite:

  • You must have the Maintainer or Owner role for the project.
  • Your project visibility settings must be Private or Internal.

To configure authentication settings for all media files:

  1. On the top bar, select Main menu > Projects and find your project.
  2. On the left sidebar, select Settings > General.
  3. Expand Visibility, project features, permissions.
  4. Scroll to Project visibility and select Require authentication to view media files. You cannot select this option for projects with Public visibility.

Delete uploaded files

Introduced in GitLab 15.3.

You should delete an uploaded file when that file contains sensitive or confidential information. When you have deleted that file, users cannot access the file and the direct URL returns a 404 error.

Project Owners and Maintainers can use the interactive GraphiQL explorer to access a GraphQL endpoint and delete an uploaded file.

For example:

mutation{
  uploadDelete(input: { projectPath: "<path/to/project>", secret: "<32-character-id>" , filename: "<filename>" }) {
    upload {
      id
      size
      path
    }
    errors
  }
}

Project members that do not have the Owner or Maintainer role cannot access this GraphQL endpoint.