Class: Gitlab::UrlBlocker

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/url_blocker.rb

Constant Summary collapse

BlockedUrlError =
Class.new(StandardError)

Class Method Summary collapse

Class Method Details

.blocked_url?(url, **kwargs) ⇒ Boolean

Returns:

  • (Boolean)

74
75
76
77
78
79
80
# File 'lib/gitlab/url_blocker.rb', line 74

def blocked_url?(url, **kwargs)
  validate!(url, **kwargs)

  false
rescue BlockedUrlError
  true
end

.validate!(url, ports: [], schemes: [], allow_localhost: false, allow_local_network: true, allow_object_storage: false, ascii_only: false, enforce_user: false, enforce_sanitization: false, dns_rebind_protection: true) ⇒ Object

Validates the given url according to the constraints specified by arguments.

ports - Raises error if the given URL port does is not between given ports. allow_localhost - Raises error if URL resolves to a localhost IP address and argument is false. allow_local_network - Raises error if URL resolves to a link-local address and argument is false. allow_object_storage - Avoid raising an error if URL resolves to an object storage endpoint and argument is true. ascii_only - Raises error if URL has unicode characters and argument is true. enforce_user - Raises error if URL user doesn't start with alphanumeric characters and argument is true. enforce_sanitization - Raises error if URL includes any HTML/CSS/JS tags and argument is true.

Returns an array with [<uri>, <original-hostname>]. rubocop:disable Metrics/ParameterLists


23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# File 'lib/gitlab/url_blocker.rb', line 23

def validate!(
  url,
  ports: [],
  schemes: [],
  allow_localhost: false,
  allow_local_network: true,
  allow_object_storage: false,
  ascii_only: false,
  enforce_user: false,
  enforce_sanitization: false,
  dns_rebind_protection: true)
  # rubocop:enable Metrics/ParameterLists

  return [nil, nil] if url.nil?

  # Param url can be a string, URI or Addressable::URI
  uri = parse_url(url)

  validate_uri(
    uri: uri,
    schemes: schemes,
    ports: ports,
    enforce_sanitization: enforce_sanitization,
    enforce_user: enforce_user,
    ascii_only: ascii_only
  )

  address_info = get_address_info(uri, dns_rebind_protection)
  return [uri, nil] unless address_info

  ip_address = ip_address(address_info)
  return [uri, nil] if domain_allowed?(uri)

  protected_uri_with_hostname = enforce_uri_hostname(ip_address, uri, dns_rebind_protection)

  return protected_uri_with_hostname if ip_allowed?(ip_address, port: get_port(uri))

  # Allow url from the GitLab instance itself but only for the configured hostname and ports
  return protected_uri_with_hostname if internal?(uri)

  return protected_uri_with_hostname if allow_object_storage && object_storage_endpoint?(uri)

  validate_local_request(
    address_info: address_info,
    allow_localhost: allow_localhost,
    allow_local_network: allow_local_network
  )

  protected_uri_with_hostname
end