Merge "Block access to Gitiles"

This commit is contained in:
Zuul 2022-03-03 22:22:09 +00:00 committed by Gerrit Code Review
commit c5b95b55fa
2 changed files with 11 additions and 0 deletions

View File

@ -61,6 +61,11 @@
#RewriteCond %{REQUEST_URI} !^/maintenance.html$
#RewriteRule ^/(.*) /maintenance.html [last,redirect=temporary]
# We can't disable this plugin, but don't want people using it
<Location "/plugins/gitiles">
Require all denied
</Location>
ProxyPassMatch ^/robots.txt$ !
ProxyPassMatch ^/server-status !
# Comment out these two lines if the maintenance message above is in use

View File

@ -65,3 +65,9 @@ def test_openinfra_cla(host):
assert '200 OK' in cmd.stdout
assert 'Content-Type: text/html' in cmd.stdout
assert 'OpenInfra Foundation Individual Contributor License Agreement' in cmd.stdout
def test_gitiles_blocked(host):
cmd = host.run('curl --include --insecure '
'--resolve review.opendev.org:443:127.0.0.1 '
'https://review.opendev.org/plugins/gitiles/opendev/system-config/')
assert '403 Forbidden' in cmd.stdout