HomePhabricator
Diffusion libphutil 4a2238fc8605

Escape forward slashes in URI usernames/passwords properly
4a2238fc8605
Actions

Description

Escape forward slashes in URI usernames/passwords properly

Summary: Fixes T11079. We currently un-escape / in phutil_escape_uri() because it is safe to leave unescaped in paths and an awful UX to escape, but it must be escaped in usernames/passwords.

Test Plan:

  • Added failing unit test.
  • Fixed test.
  • Created a credential with username and password containing a slash.
  • Set this credential on an observation URI for a repository.
  • Used bin/repository update R... to pull the repostiory.
  • Before patch, got an error about a malfored URI.
  • After patch, things worked properly.
Cloning into bare repository '/Users/epriestley/dev/core/repo/local/55'...
fatal: unable to access 'https://slash/slash:slash/slash@github.com/epriestley/poems.git/': Could not resolve host: slash

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11079

Differential Revision: https://secure.phabricator.com/D16009

Details

Provenance
epriestleyAuthored on Jun 2 2016, 1:49 PM
epriestleyPushed on Jun 2 2016, 1:53 PM
Reviewer
chad
Differential Revision
D16009: Escape forward slashes in URI usernames/passwords properly
Parents
rPHU2c47bbeaf753: Make remarkup link generation rules more flexible and consistent
Branches
Unknown
Tags
Unknown
Tasks
T11079: URI usernames and passwords containing forward slashes are not fully escaped
Build Status
Buildable 12406
Build 15707: Run Core Tests

Changes (2)

PathSize
src/
parser/
__tests__/

rPHU4a2238fc8605

View Options

src/parser/PhutilURI.php

Loading...
View Options

src/parser/__tests__/PhutilURITestCase.php

Loading...
Phabricator ยท Built by Phacility