debian-mirror-gitlab/app/views/admin/application_settings/_outbound.html.haml
2022-06-21 17:19:12 +05:30

25 lines
2 KiB
Text

= gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-outbound-settings'), html: { class: 'fieldset-form' } do |f|
= form_errors(@application_setting)
%fieldset
.form-group
= f.gitlab_ui_checkbox_component :allow_local_requests_from_web_hooks_and_services,
s_('OutboundRequests|Allow requests to the local network from web hooks and services'),
checkbox_options: { data: { qa_selector: 'allow_requests_from_services_checkbox' } }
= f.gitlab_ui_checkbox_component :allow_local_requests_from_system_hooks,
s_('OutboundRequests|Allow requests to the local network from system hooks')
.form-group
= f.label :outbound_local_requests_allowlist_raw, class: 'label-bold' do
= s_('OutboundRequests|Local IP addresses and domain names that hooks and services may access')
= f.text_area :outbound_local_requests_allowlist_raw, placeholder: "example.com, 192.168.1.1, xn--itlab-j1a.com", class: 'form-control gl-form-input', rows: 8
%span.form-text.text-muted
= s_('OutboundRequests|Requests to these domains and IP addresses are accessible to both system hooks and web hooks even when local requests are not allowed. IP ranges such as 1:0:0:0:0:0:0:0/124 and 127.0.0.0/28 are supported. Domain wildcards are not supported. To separate entries use commas, semicolons, or newlines. The allowlist can hold a maximum of 1000 entries. Domains must be IDNA encoded.')
= link_to _('Learn more.'), help_page_path('security/webhooks.md', anchor: 'allowlist-for-local-requests'), target: '_blank', rel: 'noopener noreferrer'
.form-group
= f.gitlab_ui_checkbox_component :dns_rebinding_protection_enabled,
s_('OutboundRequests|Enforce DNS rebinding attack protection'),
help_text: _('OutboundRequests|Resolve IP addresses once and uses them to submit requests.')
= f.submit _('Save changes'), class: "gl-button btn btn-confirm", data: { qa_selector: 'save_changes_button' }