You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should consider adding some filtering to disallow creating a hook that invokes a local/internal http/s endpoint: https://docs.gitlab.com/ee/security/webhooks.html
Also, might worth adding a Tweek internal configuration for only allowing https hooks. (or better, probably the default should be https only, and http can be enabled for local testing)
The text was updated successfully, but these errors were encountered:
We should consider adding some filtering to disallow creating a hook that invokes a local/internal http/s endpoint:
https://docs.gitlab.com/ee/security/webhooks.html
Also, might worth adding a Tweek internal configuration for only allowing https hooks. (or better, probably the default should be https only, and http can be enabled for local testing)
The text was updated successfully, but these errors were encountered: