debian-mirror-gitlab/app/models/concerns/safe_url.rb

19 lines
482 B
Ruby
Raw Normal View History

2020-01-01 13:55:28 +05:30
# frozen_string_literal: true
module SafeUrl
extend ActiveSupport::Concern
2022-10-02 17:18:49 +05:30
# Return the URL with obfuscated userinfo
# and keeping it intact
2021-04-29 21:17:54 +05:30
def safe_url(allowed_usernames: [])
2020-01-01 13:55:28 +05:30
return if url.nil?
2022-10-02 17:18:49 +05:30
escaped = Addressable::URI.escape(url)
uri = URI.parse(escaped)
2020-01-01 13:55:28 +05:30
uri.password = '*****' if uri.password
2021-04-29 21:17:54 +05:30
uri.user = '*****' if uri.user && allowed_usernames.exclude?(uri.user)
2022-10-02 17:18:49 +05:30
Addressable::URI.unescape(uri.to_s)
rescue URI::Error, TypeError
2020-01-01 13:55:28 +05:30
end
end