Changeset - 3ea3d3a2b3e3
Parent rev.
Child rev.
[Not reviewed]
stable
0 1 0
Mads Kiilerich (mads) - 5 years ago 2020-11-22 01:32:23
mads@kiilerich.com
git: make sure _check_url only accept the protocols accepted by is_valid_repo_uri

Avoid unnecessary flexibility, ambiguity, and complexity.

The file protocol was never used. But when cloning existing managed repos,
is_valid_repo_url would be skipped and _check_url would be called with absolute
paths.
1 file changed with 3 insertions and 3 deletions:
kallithea/lib/vcs/backends/git/repository.py
3
3
0 comments (0 inline, 0 general)
kallithea/lib/vcs/backends/git/repository.py
Show inline comments
 
@@ -150,32 +150,32 @@ class GitRepository(BaseRepository):
 
    @classmethod
 
    def _check_url(cls, url):
 
        """
 
        Function will check given url and try to verify if it's a valid
 
        link. Sometimes it may happened that git will issue basic
 
        auth request that can cause whole API to hang when used from python
 
        or other external calls.
 

			




	
	
	
		
 
        On failures it'll raise urllib2.HTTPError, exception is also thrown

			




	
	
	
		
 
        when the return code is non 200

			




	
	
	
		
 
        """

			




	
	
	
		
 
        # check first if it's not an local url

			




	
	
	
		
 
        if os.path.isdir(url) or url.startswith('file:'):

			




	
	
	
		
 
        if os.path.isabs(url) and os.path.isdir(url):

			




	
	
	
		
 
            return True

			




	
	
	
		
 

			




	
	
	
		
 
        if url.startswith('git://'):

			




	
	
	
		
 
            return True

			




	
	
	
		
 

			




	
	
	
		
 
        if '+' in url[:url.find('://')]:

			




	
	
	
		
 
            url = url[url.find('+') + 1:]

			




	
	
	
		
 
        if not url.startswith('http://') and not url.startswith('https://'):

			




	
	
	
		
 
            raise urllib.error.URLError("Unsupported protocol in URL %s" % url)

			




	
	
	
		
 

			




	
	
	
		
 
        url_obj = mercurial.util.url(safe_bytes(url))

			




	
	
	
		
 
        test_uri, handlers = get_urllib_request_handlers(url_obj)

			




	
	
	
		
 
        if not test_uri.endswith(b'info/refs'):

			




	
	
	
		
 
            test_uri = test_uri.rstrip(b'/') + b'/info/refs'

			




	
	
	
		
 

			




	
	
	
		
 
        url_obj.passwd = b'*****'

			




	
	
	
		
 
        cleaned_uri = str(url_obj)

			




	
	
	
		
 

			




	
	
	
		
 
        o = urllib.request.build_opener(*handlers)

			




	
	
	
		
 
        o.addheaders = [('User-Agent', 'git/1.7.8.0')]  # fake some git

			




	
	
	
		
 

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: clio-3928
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.
            – Support