Naming a project 'info' introduces invalid redirects from web GUI
Summary
Having a project (repository) named as info
introduces invalid redirects when using GitLab web UI to browse commit history. Affects both - GitLab cloud service and an Omnibus installation.
Steps to reproduce
- Create a project with a project name
info
under any group using GitLab's web UI (select to Initialize the repository with a README) - Go to 'Repository' -> 'Commits' web page
- Select the 'Initial commit' to open its details
- Cancel the HTTP basic authentication dialog or enter your user's credentials (doesn't matter)
Example Project
What is the current bug behavior?
Upon opening the commit details the user is presented with basic HTTP authentication dialog, which is due to front end scripts firing an HTTP GET to <gitlab_domain>/<group_name>/info/refs
which is being redirected to <gitlab_domain>/<group_name>.git/info/refs
which in turn presents with basic HTTP authentication dialog which fails if attempted or can be cancelled. The user is then presented with a message Something went wrong while fetching branches
What is the expected correct behavior?
The HTTP GET for <gitlab_domain>/<group_name>/info/refs
fired from the commit history details view should not be redirected to <gitlab_domain>/<group_name>.git/info/refs
, the HTTP basic auth dialog should not appear and the error message should not appear
Relevant logs and/or screenshots
Output of checks
This bug happens on both - GitLab.com AND Omnibus installation
Results of GitLab environment info
sudo gitlab-rake gitlab:env:info
:
System information
System: Debian 9.9
Current User: git
Using RVM: no
Ruby Version: 2.7.5p203
Gem Version: 3.1.4
Bundler Version:2.2.33
Rake Version: 13.0.6
Redis Version: 6.2.6
Sidekiq Version:6.4.0
Go Version: unknown
GitLab information
Version: 14.10.2
Revision: 07d12f3fd11
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: PostgreSQL
DB Version: 12.7
URL: https://<redacted>
HTTP Clone URL: https://<redacted>/some-group/some-project.git
SSH Clone URL: git@<redacted>:some-group/some-project.git
Using LDAP: no
Using Omniauth: yes
Omniauth Providers:
GitLab Shell
Version: 13.25.1
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell
Results of GitLab application Check
sudo gitlab-rake gitlab:check SANITIZE=true
:
Checking GitLab subtasks ...
Checking GitLab Shell ...
GitLab Shell: ... GitLab Shell version >= 13.25.1 ? ... OK (13.25.1)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Gitaly ...
Gitaly: ... default ... OK
Checking Gitaly ... Finished
Checking Sidekiq ...
Sidekiq: ... Running? ... yes
Number of Sidekiq processes (cluster/worker) ... 1/1
Checking Sidekiq ... Finished
Checking Incoming Email ...
Incoming Email: ... Reply by email is disabled in config/gitlab.yml
Checking Incoming Email ... Finished
Checking LDAP ...
LDAP: ... LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab App ...
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Systemd unit files or init script exist? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Systemd unit files or init script up-to-date? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Projects have namespace: ...
6/3 ... yes
6/4 ... yes
6/5 ... yes
6/6 ... yes
6/7 ... yes
12/8 ... yes
12/9 ... yes
12/10 ... yes
12/11 ... yes
12/12 ... yes
12/13 ... yes
16/14 ... yes
12/15 ... yes
12/16 ... yes
12/17 ... yes
17/18 ... yes
17/19 ... yes
12/20 ... yes
17/21 ... yes
16/22 ... yes
12/23 ... yes
12/24 ... yes
16/25 ... yes
16/26 ... yes
17/27 ... yes
6/28 ... yes
12/29 ... yes
12/30 ... yes
12/31 ... yes
17/32 ... yes
17/33 ... yes
16/34 ... yes
12/35 ... yes
16/36 ... yes
12/37 ... yes
12/38 ... yes
12/40 ... yes
19/41 ... yes
16/42 ... yes
16/45 ... yes
16/47 ... yes
12/48 ... yes
12/50 ... yes
17/51 ... yes
12/52 ... yes
12/53 ... yes
40/54 ... yes
40/55 ... yes
40/56 ... yes
40/57 ... yes
40/58 ... yes
40/59 ... yes
12/60 ... yes
6/61 ... yes
16/62 ... yes
40/63 ... yes
43/64 ... yes
43/65 ... yes
43/66 ... yes
16/67 ... yes
43/68 ... yes
40/69 ... yes
43/70 ... yes
16/71 ... yes
43/72 ... yes
16/73 ... yes
43/74 ... yes
43/75 ... yes
40/76 ... yes
43/77 ... yes
43/78 ... yes
43/79 ... yes
40/80 ... yes
16/81 ... yes
43/82 ... yes
43/83 ... yes
43/84 ... yes
43/85 ... yes
43/86 ... yes
40/87 ... yes
16/88 ... yes
43/89 ... yes
16/90 ... yes
12/91 ... yes
16/92 ... yes
56/94 ... yes
56/95 ... yes
56/96 ... yes
56/97 ... yes
56/98 ... yes
56/99 ... yes
56/100 ... yes
56/101 ... yes
56/102 ... yes
56/103 ... yes
56/104 ... yes
56/105 ... yes
56/106 ... yes
25/107 ... yes
43/108 ... yes
40/109 ... yes
43/110 ... yes
40/111 ... yes
56/112 ... yes
43/113 ... yes
43/114 ... yes
43/115 ... yes
43/116 ... yes
60/117 ... yes
16/118 ... yes
60/119 ... yes
25/120 ... yes
16/121 ... yes
43/122 ... yes
63/123 ... yes
63/124 ... yes
16/125 ... yes
16/126 ... yes
63/127 ... yes
43/128 ... yes
25/129 ... yes
16/130 ... yes
56/131 ... yes
25/132 ... yes
4/133 ... yes
43/134 ... yes
43/135 ... yes
43/136 ... yes
16/137 ... yes
43/138 ... yes
56/139 ... yes
56/140 ... yes
56/141 ... yes
56/142 ... yes
43/143 ... yes
4/144 ... yes
43/145 ... yes
40/146 ... yes
56/147 ... yes
16/148 ... yes
16/149 ... yes
43/150 ... yes
16/151 ... yes
16/152 ... yes
4/153 ... yes
4/155 ... yes
4/156 ... yes
56/157 ... yes
56/158 ... yes
40/159 ... yes
43/160 ... yes
43/161 ... yes
43/162 ... yes
40/163 ... yes
16/164 ... yes
43/165 ... yes
56/166 ... yes
16/167 ... yes
43/168 ... yes
43/169 ... yes
16/170 ... yes
56/171 ... yes
16/172 ... yes
16/173 ... yes
16/174 ... yes
63/175 ... yes
40/176 ... yes
43/177 ... yes
43/178 ... yes
16/179 ... yes
43/180 ... yes
43/181 ... yes
40/182 ... yes
16/183 ... yes
40/184 ... yes
43/185 ... yes
16/186 ... yes
12/187 ... yes
16/188 ... yes
40/189 ... yes
43/190 ... yes
16/191 ... yes
12/192 ... yes
90/193 ... yes
43/194 ... yes
43/195 ... yes
43/196 ... yes
112/197 ... yes
112/198 ... yes
16/199 ... yes
11/200 ... yes
63/201 ... yes
63/202 ... yes
40/204 ... yes
40/205 ... yes
90/206 ... yes
90/207 ... yes
43/208 ... yes
43/209 ... yes
43/210 ... yes
43/211 ... yes
90/212 ... yes
40/213 ... yes
90/214 ... yes
16/215 ... yes
43/216 ... yes
16/217 ... yes
43/218 ... yes
43/219 ... yes
43/220 ... yes
63/221 ... yes
43/222 ... yes
43/223 ... yes
113/224 ... yes
43/225 ... yes
16/226 ... yes
16/227 ... yes
40/228 ... yes
113/229 ... yes
113/230 ... yes
113/231 ... yes
56/232 ... yes
56/233 ... yes
40/234 ... yes
16/235 ... yes
40/236 ... yes
43/237 ... yes
56/238 ... yes
63/239 ... yes
63/240 ... yes
60/241 ... yes
16/242 ... yes
16/243 ... yes
16/244 ... yes
40/245 ... yes
12/246 ... yes
16/247 ... yes
16/248 ... yes
113/249 ... yes
113/250 ... yes
90/251 ... yes
12/252 ... yes
16/253 ... yes
90/254 ... yes
113/255 ... yes
43/256 ... yes
147/257 ... yes
147/258 ... yes
113/259 ... yes
113/260 ... yes
113/261 ... yes
40/263 ... yes
63/264 ... yes
90/265 ... yes
60/266 ... yes
74/267 ... yes
113/268 ... yes
16/269 ... yes
90/270 ... yes
113/271 ... yes
40/272 ... yes
16/273 ... yes
112/274 ... yes
40/275 ... yes
90/276 ... yes
16/277 ... yes
16/278 ... yes
16/279 ... yes
12/280 ... yes
43/282 ... yes
63/283 ... yes
161/284 ... yes
163/285 ... yes
161/286 ... yes
161/287 ... yes
112/288 ... yes
11/289 ... yes
11/290 ... yes
163/291 ... yes
16/292 ... yes
43/293 ... yes
63/294 ... yes
63/295 ... yes
113/296 ... yes
161/298 ... yes
161/299 ... yes
161/300 ... yes
Redis version >= 5.0.0? ... yes
Ruby version >= 2.7.2 ? ... yes (2.7.5)
Git user has default SSH configuration? ... yes
Active users: ... <redacted>
Is authorized keys file accessible? ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes
Checking GitLab App ... Finished
Checking GitLab subtasks ... Finished
Possible fixes
Either routing rules are incorrect or the logic in the back end confuses the request with git over HTTPS