GitLab wurde erfolgreich aktualisiert. Dank regelmäßiger Updates bleibt das THM GitLab sicher und Sie profitieren von den neuesten Funktionen. Danke für Ihre Geduld.

  • Tiger's avatar
    Validate session key when authorizing with GCP to create a cluster · fc8c1a77
    Tiger authored
    It was previously possible to link a GCP account to another
    user's GitLab account by having them visit the callback URL,
    as there was no check that they were the initiator of the
    request.
    
    We now reject the callback unless the state parameter
    matches the one added to the initiating user's session.
    fc8c1a77
security-kubernetes-google-login-csrf.yml 116 Bytes