•  
      request #21367 Disallow http:// URLs when adding a GitLab repository
    Infos
    #21367
    Thomas Gerbet (tgerbet)
    2021-05-19 11:15
    2021-05-18 16:11
    22963
    Details
    Disallow http:// URLs when adding a GitLab repository

    Tuleap instances are expected to be served under HTTPS which make not possible to do a request to an HTTP endpoint because browsers blocks active mixed content (or to be more specific in our situation with the CSP Tuleap uses, the browser will attempt to upgrade the URL to https://).

    In any case it's not a good idea to try to reach the GitLab server over HTTP since the request will contain credential information.

    SCM/GitLab
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2021-05-19
    Attachments
    Empty
    References

    Follow-ups