Themes/components from GitLab gives error 500 when installing/updating

Almost certainly because of the SSRF protections fixes.

Gitlab is 301 redirecting a git clone for https://gitlab.com/silentboatman/discourse-masonry-image-gallery to https://gitlab.com/silentboatman/discourse-masonry-image-gallery.git/ (sic, ends with .git/) but git is called with -c http.followRedirects=false so it fails.

Entering https://gitlab.com/silentboatman/discourse-masonry-image-gallery.git/ as the repository URL directly does not work because that is reverted back to https://gitlab.com/silentboatman/discourse-masonry-image-gallery by FinalDestination.resolve(@uri.to_s) because, you won’t believe it, when requested outside of git, the redirection goes the other way around! Gitlab 302 redirects https://gitlab.com/silentboatman/discourse-masonry-image-gallery.git/ to https://gitlab.com/silentboatman/discourse-masonry-image-gallery

EDIT using GIT_CURL_VERBOSE=1 I was able to see that Git appends info/refs?service=git-upload-pack when cloning, so

GET /silentboatman/discourse-masonry-image-gallery/info/refs?service=git-upload-pack HTTP/2

goes to

location: https://gitlab.com/silentboatman/discourse-masonry-image-gallery.git/info/refs?service=git-upload-pack
5 Likes