Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

request #21367: Disallow http:// URLs when adding a GitLab repository

Download Browse

Usage of http:// URLs, on top of being insecure, are very likely to not work. Tuleap instances are expected to be served under HTTPS and browsers will block/force upgrade to HTTPS the first request that is done to retrieve the list of projects because it is active mixed content. If the GL server is not accessible with HTTPS users will get an error which is more confusing than just preventing them to do the query (and it is easier for the support team to troubleshoot). Change-Id: Iec724369c61d5be222d6ea9d9c32570d76605785

+4 −4
Thomas Gerbet (tgerbet) 2021-05-18 16:22
Thomas Gerbet (tgerbet) 2021-05-18 16:33
08d7a4f45c21b27bfdf31f5d6317db41b5963e9c
eeac6a3d0a704ee1f373fdb8e0442db0cc1961d0
git #tuleap/stable/08d7a4f45c21b27bfdf31f5d6317db41b5963e9c

Modified Files

Side by side diff
Inline diff
Name
M plugins/git/scripts/repositories/src/components/GitlabModal/CreateGitlabLinkModal/CredentialsFormModal.vue +1 −1 Go to diff View file
M plugins/gitlab/include/REST/v1/GitlabRepositoryBotApiTokenPatchRepresentation.php +1 −1 Go to diff View file
M plugins/gitlab/include/REST/v1/GitlabRepositoryPOSTRepresentation.php +1 −1 Go to diff View file
M plugins/gitlab/include/REST/v1/GitlabRepositoryWebhookSecretPatchRepresentation.php +1 −1 Go to diff View file