Paths

Table of Contentst

Differential D16009

Escape forward slashes in URI usernames/passwords properly
ClosedPublic
Actions

Authored by epriestley on Jun 2 2016, 1:51 PM.

Tags

None

Referenced Files

	F14020664: D16009.diff
	Wed, Nov 6, 1:25 AM

	F14007177: D16009.id.diff
	Tue, Oct 29, 12:57 AM

	Unknown Object (File)
	Sep 20 2024, 4:36 PM

	Unknown Object (File)
	Sep 19 2024, 4:25 PM

	Unknown Object (File)
	Sep 18 2024, 1:48 PM

	Unknown Object (File)
	Sep 15 2024, 6:53 PM

	Unknown Object (File)
	Sep 5 2024, 2:40 PM

	Unknown Object (File)
	Aug 31 2024, 9:43 AM

Subscribers

None

Details

Reviewers

Maniphest Tasks

T11079: URI usernames and passwords containing forward slashes are not fully escaped

Commits

rPHU4a2238fc8605: Escape forward slashes in URI usernames/passwords properly

Summary

Fixes T11079. We currently un-escape / in phutil_escape_uri() because it is safe to leave unescaped in paths and an awful UX to escape, but it must be escaped in usernames/passwords.

Test Plan

Added failing unit test.
Fixed test.
Created a credential with username and password containing a slash.
Set this credential on an observation URI for a repository.
Used bin/repository update R... to pull the repostiory.
Before patch, got an error about a malfored URI.
After patch, things worked properly.

Cloning into bare repository '/Users/epriestley/dev/core/repo/local/55'...
fatal: unable to access 'https://slash/slash:slash/slash@github.com/epriestley/poems.git/': Could not resolve host: slash

Diff Detail

Repository

Branch

uri1

Lint

Lint Passed

Unit

Tests Passed

Build Status

Buildable 12405
Build 15706: Run Core Tests
Build 15705: arc lint + arc unit

Event Timeline

epriestley updated this revision to Diff 38529.Jun 2 2016, 1:51 PM

epriestley retitled this revision from to Escape forward slashes in URI usernames/passwords properly.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: chad.

epriestley added a task: T11079: URI usernames and passwords containing forward slashes are not fully escaped.

chad accepted this revision.Jun 2 2016, 1:52 PM

chad edited edge metadata.

This revision is now accepted and ready to land.Jun 2 2016, 1:52 PM

Closed by commit rPHU4a2238fc8605: Escape forward slashes in URI usernames/passwords properly (authored by epriestley, committed by epriestley). · Explain WhyJun 2 2016, 1:53 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

src/

parser/

6 lines

__tests__/

PhutilURITestCase.php

5 lines

Diff 38529

src/parser/PhutilURI.php

Loading...

src/parser/tests/PhutilURITestCase.php

Loading...