diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 6b0dde5dfe65daf8b140b6eac2da17b0f4c7738e..92166461462f8b94878a31a14fef273317d29259 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -44,19 +44,15 @@ module ApplicationSettingsHelper
     end
   end
 
-  def enabled_project_tooltip(project, protocol)
+  def enabled_project_button(project, protocol)
     case protocol
     when 'ssh'
-      sanitize_clone_button(ssh_clone_button(project, 'bottom'))
+      ssh_clone_button(project, 'bottom', false)
     else
-      sanitize_clone_button(http_clone_button(project, 'bottom'))
+      http_clone_button(project, 'bottom', false)
     end
   end
 
-  def sanitize_clone_button(input)
-    sanitize(input, tags: %w(a), attributes: %w(id class title data-html data-container data-placement data-title data-original-title aria-describedby))
-  end
-
   # Return a group of checkboxes that use Bootstrap's button plugin for a
   # toggle button effect.
   def restricted_level_checkboxes(help_block_id)
diff --git a/app/helpers/branches_helper.rb b/app/helpers/branches_helper.rb
index 601df5c18df14c353313da58554c7f6236d9582b..c533659b600f8d0a37b30e6374efee32cc14f6cc 100644
--- a/app/helpers/branches_helper.rb
+++ b/app/helpers/branches_helper.rb
@@ -12,7 +12,7 @@ module BranchesHelper
   def can_push_branch?(project, branch_name)
     return false unless project.repository.branch_exists?(branch_name)
 
-    ::Gitlab::GitAccess.new(current_user, project, 'web').can_push_to_branch?(branch_name)
+    ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(branch_name)
   end
 
   def project_branches
diff --git a/app/helpers/button_helper.rb b/app/helpers/button_helper.rb
index a64e96eaec9763480dd44e450852b7b8a0136662..7fd20d13010fcd94b219aef4ea0984b067df7672 100644
--- a/app/helpers/button_helper.rb
+++ b/app/helpers/button_helper.rb
@@ -40,7 +40,7 @@ module ButtonHelper
       type: :button
   end
 
-  def http_clone_button(project, placement = 'right')
+  def http_clone_button(project, placement = 'right', append_link = true)
     klass = 'http-selector'
     klass << ' has-tooltip' if current_user.try(:require_password?)
 
@@ -48,7 +48,7 @@ module ButtonHelper
 
     content_tag :a, protocol,
       class: klass,
-      href: project.http_url_to_repo,
+      href: (project.http_url_to_repo if append_link),
       data: {
         html: true,
         placement: placement,
@@ -57,13 +57,13 @@ module ButtonHelper
       }
   end
 
-  def ssh_clone_button(project, placement = 'right')
+  def ssh_clone_button(project, placement = 'right', append_link = true)
     klass = 'ssh-selector'
     klass << ' has-tooltip' if current_user.try(:require_ssh_key?)
 
     content_tag :a, 'SSH',
       class: klass,
-      href: project.ssh_url_to_repo,
+      href: (project.ssh_url_to_repo if append_link),
       data: {
         html: true,
         placement: placement,
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index 4f7e1d2f302fc31029b2883b0cbdfa971c8aac33..cb0f871897a346b5dd7a954b3a3ac6ad1d65e0f3 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -481,7 +481,7 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def can_be_merged_by?(user)
-    ::Gitlab::GitAccess.new(user, project, 'web').can_push_to_branch?(target_branch)
+    ::Gitlab::GitAccess.new(user, project).can_push_to_branch?(target_branch)
   end
 
   def mergeable_ci_state?
diff --git a/app/services/commits/change_service.rb b/app/services/commits/change_service.rb
index c578097376a632d349d73257be0072d40b0dc8bc..6b69cb53b2c6bad66dc972023c3e12f476b4dd18 100644
--- a/app/services/commits/change_service.rb
+++ b/app/services/commits/change_service.rb
@@ -23,7 +23,7 @@ module Commits
     private
 
     def check_push_permissions
-      allowed = ::Gitlab::GitAccess.new(current_user, project, 'web').can_push_to_branch?(@target_branch)
+      allowed = ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(@target_branch)
 
       unless allowed
         raise ValidationError.new('You are not allowed to push into this branch')
diff --git a/app/services/files/base_service.rb b/app/services/files/base_service.rb
index 4bdb68a3698ffe4b7fe46dbd1aeb41e80ad12658..0326a8823e975c20a7a02825ba1b1da94f27868f 100644
--- a/app/services/files/base_service.rb
+++ b/app/services/files/base_service.rb
@@ -43,7 +43,7 @@ module Files
     end
 
     def validate
-      allowed = ::Gitlab::GitAccess.new(current_user, project, 'web').can_push_to_branch?(@target_branch)
+      allowed = ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(@target_branch)
 
       unless allowed
         raise_error("You are not allowed to push into this branch")
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index ae609021eb6595402dddd90073d6b7005cee5294..93b75a7bb0542766d28ffed3aff0836ac594184d 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -5,7 +5,7 @@ module Gitlab
 
     attr_reader :actor, :project, :protocol
 
-    def initialize(actor, project, protocol)
+    def initialize(actor, project, protocol = 'web')
       @actor    = actor
       @project  = project
       @protocol = protocol
@@ -50,8 +50,6 @@ module Gitlab
     end
 
     def check(cmd, changes = nil)
-      raise 'Access denied due to unspecified Git access protocol' unless protocol.present?
-
       return build_status_object(false, "Git access over #{protocol.upcase} is not allowed") unless protocol_allowed?
 
       unless actor
diff --git a/lib/gitlab/protocol_access.rb b/lib/gitlab/protocol_access.rb
index 4c90654c59ccc404714d1800642d5f6d2bed240e..21aefc884be91b22c6192554fb99392f0375dfdb 100644
--- a/lib/gitlab/protocol_access.rb
+++ b/lib/gitlab/protocol_access.rb
@@ -1,12 +1,12 @@
 module Gitlab
   module ProtocolAccess
     def self.allowed?(protocol)
-      if protocol.to_s == 'web'
+      if protocol == 'web'
         true
       elsif current_application_settings.enabled_git_access_protocol.blank?
         true
       else
-        protocol.to_s == current_application_settings.enabled_git_access_protocol
+        protocol == current_application_settings.enabled_git_access_protocol
       end
     end
   end
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb
index c79ba11f782dbe0e946e483a41db568908f47be3..81530bb2db763561d9500f09e5ca63015db84c68 100644
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Gitlab::GitAccess, lib: true do
-  let(:access) { Gitlab::GitAccess.new(actor, project, 'web') }
+  let(:access) { Gitlab::GitAccess.new(actor, project) }
   let(:project) { create(:project) }
   let(:user) { create(:user) }
   let(:actor) { user }