Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
5b893d60
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
5b893d60
编写于
6月 30, 2016
作者:
J
James Lopez
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
few changes based on feedback
上级
0ca27574
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
20 addition
and
17 deletion
+20
-17
CHANGELOG
CHANGELOG
+1
-3
app/models/project.rb
app/models/project.rb
+2
-2
app/validators/addressable_url_validator.rb
app/validators/addressable_url_validator.rb
+5
-8
db/migrate/20160620110927_fix_no_validatable_import_url.rb
db/migrate/20160620110927_fix_no_validatable_import_url.rb
+3
-3
lib/gitlab/url_sanitizer.rb
lib/gitlab/url_sanitizer.rb
+9
-1
未找到文件。
CHANGELOG
浏览文件 @
5b893d60
...
...
@@ -14,6 +14,7 @@ v 8.10.0 (unreleased)
- Check for conflicts with existing Project's wiki path when creating a new project.
- Add API endpoint for a group issues !4520 (mahcsig)
- Allow [ci skip] to be in any case and allow [skip ci]. !4785 (simon_w)
- Set import_url validation to be more strict
v 8.9.3 (unreleased)
- Fix encrypted data backwards compatibility after upgrading attr_encrypted gem
...
...
@@ -66,9 +67,6 @@ v 8.9.1
- Add SMTP as default delivery method to match gitlab-org/omnibus-gitlab!826. !4915
- Remove duplicate 'New Page' button on edit wiki page
v 8.9.1 (unreleased)
- Set import_url validation to be more strict
v 8.9.0
- Fix builds API response not including commit data
- Fix error when CI job variables key specified but not defined
...
...
app/models/project.rb
浏览文件 @
5b893d60
...
...
@@ -445,11 +445,11 @@ class Project < ActiveRecord::Base
end
def
import_url
=
(
value
)
return
super
(
value
)
unless
Gitlab
::
UrlSanitizer
.
valid?
(
value
)
import_url
=
Gitlab
::
UrlSanitizer
.
new
(
value
)
create_or_update_import_data
(
credentials:
import_url
.
credentials
)
super
(
import_url
.
sanitized_url
)
rescue
Addressable
::
URI
::
InvalidURIError
errors
.
add
(
:import_url
,
'must be a valid URL.'
)
end
def
import_url
...
...
app/validators/addressable_url_validator.rb
浏览文件 @
5b893d60
...
...
@@ -18,6 +18,9 @@
# end
#
class
AddressableUrlValidator
<
ActiveModel
::
EachValidator
DEFAULT_OPTIONS
=
{
protocols:
%w(http https ssh git)
}
def
validate_each
(
record
,
attribute
,
value
)
unless
valid_url?
(
value
)
record
.
errors
.
add
(
attribute
,
"must be a valid URL"
)
...
...
@@ -29,15 +32,9 @@ class AddressableUrlValidator < ActiveModel::EachValidator
def
valid_url?
(
value
)
return
false
unless
value
value
.
strip!
valid_protocol?
(
value
)
&&
valid_uri?
(
value
)
end
def
default_options
@default_options
||=
{
protocols:
%w(http https ssh git)
}
end
def
valid_uri?
(
value
)
Addressable
::
URI
.
parse
(
value
).
is_a?
(
Addressable
::
URI
)
rescue
Addressable
::
URI
::
InvalidURIError
...
...
@@ -45,7 +42,7 @@ class AddressableUrlValidator < ActiveModel::EachValidator
end
def
valid_protocol?
(
value
)
options
=
default_options
.
merge
(
self
.
options
)
!!
(
value
=~
/\A
#{
URI
.
regexp
(
options
[
:protocols
])
}
\z/
)
options
=
DEFAULT_OPTIONS
.
merge
(
self
.
options
)
value
=~
/\A
#{
URI
.
regexp
(
options
[
:protocols
])
}
\z/
end
end
db/migrate/20160620110927_fix_no_validatable_import_url.rb
浏览文件 @
5b893d60
...
...
@@ -38,8 +38,6 @@ class FixNoValidatableImportUrl < ActiveRecord::Migration
def
valid_url?
(
value
)
return
false
unless
value
value
.
strip!
valid_uri?
(
value
)
&&
valid_protocol?
(
value
)
rescue
Addressable
::
URI
::
InvalidURIError
false
...
...
@@ -50,11 +48,13 @@ class FixNoValidatableImportUrl < ActiveRecord::Migration
end
def
valid_protocol?
(
value
)
!!
(
value
=~
/\A
#{
URI
.
regexp
(
%w(http https ssh git)
)
}
\z/
)
value
=~
/\A
#{
URI
.
regexp
(
%w(http https ssh git)
)
}
\z/
end
end
def
up
return
unless
defined?
(
Addressable
::
URI
::
InvalidURIError
)
say
(
'Cleaning up invalid import URLs... This may take a few minutes if we have a large number of imported projects.'
)
invalid_import_url_project_ids
.
each
{
|
project_id
|
cleanup_import_url
(
project_id
)
}
...
...
lib/gitlab/url_sanitizer.rb
浏览文件 @
5b893d60
module
Gitlab
class
UrlSanitizer
attr_reader
:valid
alias_method
:valid?
,
:valid
def
self
.
sanitize
(
content
)
regexp
=
URI
::
Parser
.
new
.
make_regexp
([
'http'
,
'https'
,
'ssh'
,
'git'
])
...
...
@@ -7,8 +11,12 @@ module Gitlab
end
def
initialize
(
url
,
credentials:
nil
)
@url
=
Addressable
::
URI
.
parse
(
url
)
@valid
=
true
@url
=
Addressable
::
URI
.
parse
(
url
.
strip
)
@credentials
=
credentials
rescue
Addressable
::
URI
::
InvalidURIError
@valid
=
false
raise
end
def
sanitized_url
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录