Only allow strings in URL::Sanitizer.valid? (!23675) · Merge requests · GitLab.org / GitLab FOSS

Stan Hu requested to merge sh-ignore-arrays-url-sanitizer into master Dec 09, 2018

From https://gitlab.com/gitlab-org/gitlab-ce/issues/55079, we see that some values of .gitlab-ci.yml attempt to pass in an array for a URL, but this results in an Error 500 because url.strip does not make any sense.

Only allow strings in URL::Sanitizer.valid?

Merge request reports