- 23 Mar, 2020 3 commits
-
-
Alessio Caiazza authored
-
Markus Koller authored
When Workhorse intercepts file uploads, we store the files and send the information about the temporary file in new multipart form values called `file.path`, `file.size` etc. Since we're also copying all other multipart form values from the original client request, it was possible to override the values we set in Workhorse, causing Rails to e.g. load the uploaded file from an injected `file.path` parameter. To avoid this, we check if client parameters have the same name as any of our own added fields and reject the request.
-
Markus Koller authored
The `path` and `remote_*` fields are not always set in Workhorse depending on the storage type, but still picked up in Rails. To avoid injecting any client params with the same name, we just set these fields to empty strings.
-
- 20 Mar, 2020 4 commits
-
-
Nick Thomas authored
Resolve "PyPi - Object storage upload route for package files" See merge request gitlab-org/gitlab-workhorse!474
-
Jacob Vosmaer authored
Release v8.27.0 See merge request gitlab-org/gitlab-workhorse!476
-
Ahmad Sherif authored
-
Jacob Vosmaer authored
Remove Set-Cookie header from archive and raw blob responses See merge request gitlab-org/gitlab-workhorse!475
-
- 19 Mar, 2020 1 commit
-
-
Ahmad Sherif authored
CDNs don't cache responses with Set-Cookie header as they assume they contain some sort of state or user-specific data, which is not the case for raw blobs and repository archives. This change allows GitLab installations that sit behind a CDN to benefit from its caching feature seamlessly. Related to https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6829 and https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/4
-
- 17 Mar, 2020 3 commits
-
-
Daniel Croft authored
-
Daniel Croft authored
-
Daniel Croft authored
-
- 16 Mar, 2020 3 commits
-
-
Nick Thomas authored
Release Workhorse v8.26.0 See merge request gitlab-org/gitlab-workhorse!472
-
Nick Thomas authored
-
Nick Thomas authored
Add route for project imports direct upload via UI See merge request gitlab-org/gitlab-workhorse!470
-
- 10 Mar, 2020 2 commits
-
-
Nick Thomas authored
Release v8.25.0 See merge request gitlab-org/gitlab-workhorse!471
-
Nick Thomas authored
-
- 03 Mar, 2020 2 commits
-
-
Aleksei Lipniagov authored
-
Nick Thomas authored
Add route for project imports direct upload See merge request gitlab-org/gitlab-workhorse!459
-
- 02 Mar, 2020 1 commit
-
-
Nick Thomas authored
Prepare 8.24.0 release with Continuous Profiling See merge request gitlab-org/gitlab-workhorse!469
-
- 28 Feb, 2020 2 commits
-
-
Oswaldo Ferreira authored
Simple version bump to support https://gitlab.com/gitlab-org/gitlab-workhorse/-/merge_requests/461.
-
Nick Thomas authored
Add Stackdriver Profiler through Labkit See merge request gitlab-org/gitlab-workhorse!461
-
- 27 Feb, 2020 5 commits
-
-
Oswaldo Ferreira authored
This updates the labkit library and adds minimal changes to the `monitoring.Serve` initialization, given the profiler can be initialized without requiring Prometheus.
-
Aleksei Lipniagov authored
-
Nick Thomas authored
Add Alessio to the maintainers' list See merge request gitlab-org/gitlab-workhorse!468
-
Alessio Caiazza authored
-
Alessio Caiazza authored
Test against go 1.12 - 1.14 See merge request gitlab-org/gitlab-workhorse!467
-
- 26 Feb, 2020 1 commit
-
-
Nick Thomas authored
-
- 24 Feb, 2020 3 commits
-
-
Alessio Caiazza authored
Add table explaining interaction between authBackend and authSocket See merge request gitlab-org/gitlab-workhorse!463
-
Jacob Vosmaer authored
-
Nick Thomas authored
Release v8.23.0 See merge request gitlab-org/gitlab-workhorse!465
-
- 22 Feb, 2020 1 commit
-
-
Stan Hu authored
-
- 21 Feb, 2020 2 commits
-
-
Nick Thomas authored
Ignore toml files in project root See merge request gitlab-org/gitlab-workhorse!464
-
Jacob Vosmaer authored
-
- 20 Feb, 2020 2 commits
-
-
Jacob Vosmaer authored
Don't set Cache-Control header for git archives See merge request gitlab-org/gitlab-workhorse!462
-
Ahmad Sherif authored
Rails already sets Cache-Control according to the project visibility. Always setting the header value to `private` prevents us from doing proper caching (e.g. at CDN level) for public projects. Related to https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6829
-
- 17 Feb, 2020 3 commits
-
-
Jacob Vosmaer authored
Add CI jobs for dependency scanning and static analysis See merge request gitlab-org/gitlab-workhorse!458
-
Dennis Appelt authored
-
Nick Thomas authored
Prepare 8.22.0 release See merge request gitlab-org/gitlab-workhorse!460
-
- 14 Feb, 2020 1 commit
-
-
Jacob Vosmaer authored
-
- 13 Feb, 2020 1 commit
-
-
Nick Thomas authored
Add friendly development error page for 502 See merge request gitlab-org/gitlab-workhorse!453
-