Nginx( C )-> Workhorse(gitlab自己的中间件 Go) -> Unicorn(新版本为 puma) (Ruby)

location / {
  client_max_body_size 0;
  gzip off;

## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;

proxy_http_version 1.1;

proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade_gitlab;

proxy_pass http://gitlab-workhorse;
}

/a/b/../../../

/a/b/%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F

scope path: :uploads do
  # Note attachments and User/Group/Project/Topic avatars
  get "-/system/:model/:mounted_as/:id/:filename",
  to: "uploads#show",
  constraints: { model: %r{note|user|group|project|projects/topic|achievements/achievement}, mounted_as: /avatar|attachment/, filename: %r{[^/]+} }
......

# This should either
#   - send the file directly
#   - or redirect to its URL
#
def show
  return render_404 unless uploader&.exists?

ttl, directives = *cache_settings
ttl ||= 0
directives ||= { private: true, must_revalidate: true }

expires_in ttl, directives

file_uploader = [uploader, *uploader.versions.values].find do |version|
version.filename == params[:filename]
end

return render_404 unless file_uploader

workhorse_set_content_type!
send_upload(file_uploader, attachment: file_uploader.filename, disposition: content_disposition)
end

def send_upload(file_upload, send_params: {}, redirect_params: {}, attachment: nil, proxy: false, disposition: 'attachment')
  content_type = content_type_for(attachment)

if attachment
response_disposition = ActionDispatch::Http::ContentDisposition.format(disposition: disposition, filename: attachment)

# Response-Content-Type will not override an existing Content-Type in
# Google Cloud Storage, so the metadata needs to be cleared on GCS for
# this to work. However, this override works with AWS.
redirect_params[:query] = { "response-content-disposition" => response_disposition,
"response-content-type" => content_type }
# By default, Rails will send uploads with an extension of .js with a
# content-type of text/javascript, which will trigger Rails'
# cross-origin JavaScript protection.
send_params[:content_type] = 'text/plain' if File.extname(attachment) == '.js'

send_params.merge!(filename: attachment, disposition: disposition)
end

if image_scaling_request?(file_upload)
location = file_upload.file_storage? ? file_upload.path : file_upload.url
headers.store(*Gitlab::Workhorse.send_scaled_image(location, params[:width].to_i, content_type))
head :ok
elsif file_upload.file_storage?
send_file file_upload.path, send_params
elsif file_upload.class.proxy_download_enabled? || proxy
headers.store(*Gitlab::Workhorse.send_url(file_upload.url(**redirect_params)))
head :ok
else
redirect_to cdn_fronted_url(file_upload, redirect_params)
end
end