BigW Consortium Gitlab

Commit f06d370b by Rémy Coutable

Merge branch 'backport-ee-changes-to-url-sanitizer' into 'master'

Backport more EE changes to Gitlab::UrlSanitizer See merge request !14150
parents 35273121 b46d5b13
...@@ -19,13 +19,12 @@ module Gitlab ...@@ -19,13 +19,12 @@ module Gitlab
end end
def initialize(url, credentials: nil) def initialize(url, credentials: nil)
@url = Addressable::URI.parse(url.to_s.strip)
%i[user password].each do |symbol| %i[user password].each do |symbol|
credentials[symbol] = credentials[symbol].presence if credentials&.key?(symbol) credentials[symbol] = credentials[symbol].presence if credentials&.key?(symbol)
end end
@credentials = credentials @credentials = credentials
@url = parse_url(url)
end end
def sanitized_url def sanitized_url
...@@ -49,12 +48,30 @@ module Gitlab ...@@ -49,12 +48,30 @@ module Gitlab
private private
def parse_url(url)
url = url.to_s.strip
match = url.match(%r{\A(?:git|ssh|http(?:s?))\://(?:(.+)(?:@))?(.+)})
raw_credentials = match[1] if match
if raw_credentials.present?
url.sub!("#{raw_credentials}@", '')
user, password = raw_credentials.split(':')
@credentials ||= { user: user.presence, password: password.presence }
end
url = Addressable::URI.parse(url)
url.password = password if password.present?
url.user = user if user.present?
url
end
def generate_full_url def generate_full_url
return @url unless valid_credentials? return @url unless valid_credentials?
@full_url = @url.dup @full_url = @url.dup
@full_url.password = credentials[:password] @full_url.password = credentials[:password] if credentials[:password].present?
@full_url.user = credentials[:user] @full_url.user = credentials[:user] if credentials[:user].present?
@full_url @full_url
end end
......
...@@ -174,4 +174,13 @@ describe Gitlab::UrlSanitizer do ...@@ -174,4 +174,13 @@ describe Gitlab::UrlSanitizer do
end end
end end
end end
context 'when credentials contains special chars' do
it 'should parse the URL without errors' do
url_sanitizer = described_class.new("https://foo:b?r@github.com/me/project.git")
expect(url_sanitizer.sanitized_url).to eq("https://github.com/me/project.git")
expect(url_sanitizer.full_url).to eq("https://foo:b?r@github.com/me/project.git")
end
end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment