BigW Consortium Gitlab

Commit f06d370b by Rémy Coutable

Merge branch 'backport-ee-changes-to-url-sanitizer' into 'master'

Backport more EE changes to Gitlab::UrlSanitizer See merge request !14150
parents 35273121 b46d5b13
......@@ -19,13 +19,12 @@ module Gitlab
end
def initialize(url, credentials: nil)
@url = Addressable::URI.parse(url.to_s.strip)
%i[user password].each do |symbol|
credentials[symbol] = credentials[symbol].presence if credentials&.key?(symbol)
end
@credentials = credentials
@url = parse_url(url)
end
def sanitized_url
......@@ -49,12 +48,30 @@ module Gitlab
private
def parse_url(url)
url = url.to_s.strip
match = url.match(%r{\A(?:git|ssh|http(?:s?))\://(?:(.+)(?:@))?(.+)})
raw_credentials = match[1] if match
if raw_credentials.present?
url.sub!("#{raw_credentials}@", '')
user, password = raw_credentials.split(':')
@credentials ||= { user: user.presence, password: password.presence }
end
url = Addressable::URI.parse(url)
url.password = password if password.present?
url.user = user if user.present?
url
end
def generate_full_url
return @url unless valid_credentials?
@full_url = @url.dup
@full_url.password = credentials[:password]
@full_url.user = credentials[:user]
@full_url.password = credentials[:password] if credentials[:password].present?
@full_url.user = credentials[:user] if credentials[:user].present?
@full_url
end
......
......@@ -174,4 +174,13 @@ describe Gitlab::UrlSanitizer do
end
end
end
context 'when credentials contains special chars' do
it 'should parse the URL without errors' do
url_sanitizer = described_class.new("https://foo:b?r@github.com/me/project.git")
expect(url_sanitizer.sanitized_url).to eq("https://github.com/me/project.git")
expect(url_sanitizer.full_url).to eq("https://foo:b?r@github.com/me/project.git")
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment