debian-mirror-gitlab/lib/gitlab/url_sanitizer.rb

140 lines
4.2 KiB
Ruby
Raw Normal View History

2018-12-13 13:39:08 +05:30
# frozen_string_literal: true
2016-06-02 11:05:42 +05:30
module Gitlab
class UrlSanitizer
2023-05-08 21:46:49 +05:30
include Gitlab::Utils::StrongMemoize
2018-03-17 18:26:18 +05:30
ALLOWED_SCHEMES = %w[http https ssh git].freeze
2020-05-30 21:06:31 +05:30
ALLOWED_WEB_SCHEMES = %w[http https].freeze
2023-05-08 21:46:49 +05:30
SCHEMIFIED_SCHEME = 'glschemelessuri'
SCHEMIFY_PLACEHOLDER = "#{SCHEMIFIED_SCHEME}://".freeze
# URI::DEFAULT_PARSER.make_regexp will only match URLs with schemes or
# relative URLs. This section will match schemeless URIs with userinfo
# e.g. user:pass@gitlab.com but will not match scp-style URIs e.g.
# user@server:path/to/file)
#
# The userinfo part is very loose compared to URI's implementation so we
# also match non-escaped userinfo e.g foo:b?r@gitlab.com which should be
# encoded as foo:b%3Fr@gitlab.com
URI_REGEXP = %r{
(?:
#{URI::DEFAULT_PARSER.make_regexp(ALLOWED_SCHEMES)}
|
(?:(?:(?!@)[%#{URI::REGEXP::PATTERN::UNRESERVED}#{URI::REGEXP::PATTERN::RESERVED}])+(?:@))
(?# negative lookahead ensures this isn't an SCP-style URL: [host]:[rel_path|abs_path] server:path/to/file)
(?!#{URI::REGEXP::PATTERN::HOST}:(?:#{URI::REGEXP::PATTERN::REL_PATH}|#{URI::REGEXP::PATTERN::ABS_PATH}))
#{URI::REGEXP::PATTERN::HOSTPORT}
)
}x
2018-03-17 18:26:18 +05:30
2016-06-02 11:05:42 +05:30
def self.sanitize(content)
2023-05-08 21:46:49 +05:30
content.gsub(URI_REGEXP) do |url|
new(url).masked_url
rescue Addressable::URI::InvalidURIError
''
end
2016-08-24 12:49:21 +05:30
end
2020-05-30 21:06:31 +05:30
def self.valid?(url, allowed_schemes: ALLOWED_SCHEMES)
2018-03-17 18:26:18 +05:30
return false unless url.present?
2019-02-15 15:39:39 +05:30
return false unless url.is_a?(String)
2017-08-17 22:00:37 +05:30
2018-03-17 18:26:18 +05:30
uri = Addressable::URI.parse(url.strip)
2016-08-24 12:49:21 +05:30
2020-05-30 21:06:31 +05:30
allowed_schemes.include?(uri.scheme)
2016-08-24 12:49:21 +05:30
rescue Addressable::URI::InvalidURIError
false
2016-06-02 11:05:42 +05:30
end
2020-05-30 21:06:31 +05:30
def self.valid_web?(url)
valid?(url, allowed_schemes: ALLOWED_WEB_SCHEMES)
end
2016-06-02 11:05:42 +05:30
def initialize(url, credentials: nil)
2018-03-17 18:26:18 +05:30
%i[user password].each do |symbol|
credentials[symbol] = credentials[symbol].presence if credentials&.key?(symbol)
end
2016-06-02 11:05:42 +05:30
@credentials = credentials
2018-03-17 18:26:18 +05:30
@url = parse_url(url)
2016-06-02 11:05:42 +05:30
end
2023-05-08 21:46:49 +05:30
def credentials
@credentials ||= { user: @url.user.presence, password: @url.password.presence }
end
def user
credentials[:user]
end
2016-06-02 11:05:42 +05:30
def sanitized_url
2023-05-08 21:46:49 +05:30
safe_url = @url.dup
safe_url.password = nil
safe_url.user = nil
reverse_schemify(safe_url.to_s)
2016-06-02 11:05:42 +05:30
end
2023-05-08 21:46:49 +05:30
strong_memoize_attr :sanitized_url
2016-06-02 11:05:42 +05:30
def masked_url
url = @url.dup
2018-03-17 18:26:18 +05:30
url.password = "*****" if url.password.present?
url.user = "*****" if url.user.present?
2023-05-08 21:46:49 +05:30
reverse_schemify(url.to_s)
2023-04-23 21:23:45 +05:30
end
2023-05-08 21:46:49 +05:30
strong_memoize_attr :masked_url
2023-04-23 21:23:45 +05:30
def full_url
2023-05-08 21:46:49 +05:30
return reverse_schemify(@url.to_s) unless valid_credentials?
url = @url.dup
url.password = encode_percent(credentials[:password]) if credentials[:password].present?
url.user = encode_percent(credentials[:user]) if credentials[:user].present?
reverse_schemify(url.to_s)
2016-06-02 11:05:42 +05:30
end
2023-05-08 21:46:49 +05:30
strong_memoize_attr :full_url
2016-06-02 11:05:42 +05:30
private
2018-03-17 18:26:18 +05:30
def parse_url(url)
2023-05-08 21:46:49 +05:30
url = schemify(url.to_s.strip)
match = url.match(%r{\A(?:(?:#{SCHEMIFIED_SCHEME}|git|ssh|http(?:s?)):)?//(?:(.+)(?:@))?(.+)}o)
2018-03-17 18:26:18 +05:30
raw_credentials = match[1] if match
if raw_credentials.present?
url.sub!("#{raw_credentials}@", '')
2018-11-18 11:00:15 +05:30
user, _, password = raw_credentials.partition(':')
2022-06-21 17:19:12 +05:30
@credentials ||= {}
@credentials[:user] = user.presence if @credentials[:user].blank?
@credentials[:password] = password.presence if @credentials[:password].blank?
2018-03-17 18:26:18 +05:30
end
url = Addressable::URI.parse(url)
url.password = password if password.present?
url.user = user if user.present?
url
end
2023-05-08 21:46:49 +05:30
def schemify(url)
# Prepend the placeholder scheme unless the URL has a scheme or is relative
url.prepend(SCHEMIFY_PLACEHOLDER) unless url.starts_with?(%r{(?:#{URI::REGEXP::PATTERN::SCHEME}:)?//}o)
url
2016-06-02 11:05:42 +05:30
end
2023-05-08 21:46:49 +05:30
def reverse_schemify(url)
url.slice!(SCHEMIFY_PLACEHOLDER) if url.starts_with?(SCHEMIFY_PLACEHOLDER)
url
2016-06-02 11:05:42 +05:30
end
def valid_credentials?
2023-05-08 21:46:49 +05:30
credentials.is_a?(Hash) && credentials.values.any?
2016-06-02 11:05:42 +05:30
end
2018-11-18 11:00:15 +05:30
def encode_percent(string)
# CGI.escape converts spaces to +, but this doesn't work for git clone
CGI.escape(string).gsub('+', '%20')
end
2016-06-02 11:05:42 +05:30
end
end