debian-mirror-gitlab/app/models/concerns/safe_url.rb

# frozen_string_literal: true

module SafeUrl
  extend ActiveSupport::Concern

  # Return the URL with obfuscated userinfo
  # and keeping it intact
  def safe_url(allowed_usernames: [])
    return if url.nil?

    escaped = Addressable::URI.escape(url)
    uri = URI.parse(escaped)
    uri.password = '*****' if uri.password
    uri.user = '*****' if uri.user && allowed_usernames.exclude?(uri.user)
    Addressable::URI.unescape(uri.to_s)
  rescue URI::Error, TypeError
  end
end
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`# frozen_string_literal: true`

			`module SafeUrl`
			`extend ActiveSupport::Concern`

New upstream version 15.3.4+ds1 2022-10-02 17:18:49 +05:30			`# Return the URL with obfuscated userinfo`
			`# and keeping it intact`
New upstream version 13.11.2+ds1 2021-04-29 21:17:54 +05:30			`def safe_url(allowed_usernames: [])`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`return if url.nil?`

New upstream version 15.3.4+ds1 2022-10-02 17:18:49 +05:30			`escaped = Addressable::URI.escape(url)`
			`uri = URI.parse(escaped)`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`uri.password = '*****' if uri.password`
New upstream version 13.11.2+ds1 2021-04-29 21:17:54 +05:30			`uri.user = '*****' if uri.user && allowed_usernames.exclude?(uri.user)`
New upstream version 15.3.4+ds1 2022-10-02 17:18:49 +05:30			`Addressable::URI.unescape(uri.to_s)`
			`rescue URI::Error, TypeError`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`
			`end`