I suggest you ...

Configure preferred repository access protocols with enable/disable options

It would be really nice to disable HTTP repository url. In my instance I only use the SSH one so the HTTP one presents dummy url starting with http://localhost/

269 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    SpOoN BYOSpOoN BYO shared this idea  ·   ·  Admin →
    MateuszMateusz shared a merged idea: Add a configuration option to hide the SSH access URL from the dashboard (and only show HTTPS)  ·   · 

    28 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • JonathanJonathan commented  · 

        Just to add my two cents:
        I want to allow ssh and https cloning, but NOT http cloning. I think the reasons should be obvious-- if I offer https and I'm not getting enormous (i.e., costly) traffic, there is no good reason to allow my users to download the code over an insecure connection. Even in a case where a user only wants to read the code, the small speed benefit doesn't outweigh the risks. I don't want it to be an option, and if it's not then I don't even need to care about the risks.

        I'm getting an impression that people are using the term "http" as a shorthand for "http and https"-- that's why I wanted to comment.

        Thanks

      • Accounting ProgrammerAccounting Programmer commented  · 

        http://tasaheelteeba.com/?p=68 شركة تنظيف منازل بالمدينة المنورة
        http://tasaheelteeba.com/?p=46 شركة مكافحة حشرات بالمدينة المنورة
        http://tasaheelteeba.com/?p=41 شركة كشف تسربات بالمدينة المنورة
        http://tasaheelteeba.com/?p=38 شركة تنظيف كنب بالمدينة المنورة
        http://tasaheelteeba.com/?p=21 شركة تنظيف وغسيل الخزانات بالمدينة المنورة
        http://tasaheelteeba.com/?p=8 شركة نقل العفش بالمدينة المنورة
        http://tasaheelteeba.com/?p=192 شراء الاثاث المستعمل بالمدينة المنورة
        http://tasaheelteeba.com/?p=99 شراء اثاث مستعمل بالمدينة المنورة
        http://tasaheelteeba.com/?p=215 شركة غسيل كنب بالمدينة المنورة
        http://tasaheelteeba.com/?p=225 شركة عزل خزانات بالمدينة المنورة
        http://tasaheelteeba.com

      • s7v7nislandss7v7nislands commented  · 

        where to post? github,or gitlab, or here?

      • 123Haynes123Haynes commented  · 

        Is someone still activly working on this?

      • zzjinzzjin commented  · 

        may be an alternative solution is to have one "per project" setting witch can set each project can clone via ssh or not.
        when one project is "public" there is no such config. and can only clone|push via http(s)

      • Sullivan SENECHALSullivan SENECHAL commented  · 

        So you continue you PR ? In this case no necessary to continue mine. ;)

        1) Good question for public repositories... Technically it would deactivate git clone at all, not very useful but not a problem if public repos are not used...

        2) Yeah I was going on the same way. Disable views and, at least, services. But I don't well know where to do this...

        The best is to try a PR with yours propositions and start a discussion directly with the collaborators! ;)

      • Philipp HäfelePhilipp Häfele commented  · 

        @Sullivan I will use your refs and the extra text if both are disabled. Like the keys tab on profile settings and the default_clone_protocol and address.

        Do you have any suggestions for my 2 questions?

      • Philipp HäfelePhilipp Häfele commented  · 

        I'm just trying to implement this options but i have some questions. First of all what should happen to the clone panel on public repositories if http is disabled!?

        Should we hide it because if you can't login, you can't add your key and ergo can't clone it.

        Other question is related to the question from "Sullivan SENECHAL". Before i have to review the whole code it would be nice to get some hints where to disable the services and ssh keys of profile.

        At first I'm going to hide the views and later disable the services.

      • Sullivan SENECHALSullivan SENECHAL commented  · 

        I think if http or ssh disable, that must desactivate the service, not only the showed link, I'm right ?

      • Toms SeisumsToms Seisums commented  · 

        Yeah, this would be great. Ultimately, it'd be nice if we could have something like Apache's "allow/deny" functionality, so we could enable/disable hosts that can do either of clones.

        I'm using some tools that work with these repositories, and I have these tools on the same host as GitLab. So, adding localhost to the allow list and deny everything else would be wonderful!

      • Ben BodenmillerBen Bodenmiller commented  · 

        I think there should be a third option that allows a user to specific the preferred option without disabling the others. For example if I have HTTP set as prefer I would expect that address to show up on the project page first.

      • Philipp HäfelePhilipp Häfele commented  · 

        Is there anybody working in this feature, because i would try to implement this options?

      • rtrauntveinrtrauntvein commented  · 

        Would be great to be able to disable SSH and HTTP git methods independently. Seems like there are use cases for people using only one or the other...or both.

      • Anonymous commented  · 

        Possibility to disable GLOBALLY HTTPS/HTTPS pull/push,... achieve only SSH data access via rsa key.

      ← Previous 1

      Feedback and Knowledge Base