debian-mirror-gitlab/lib/gitlab/git/pre_receive_error.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

53 lines
1.4 KiB
Ruby
Raw Normal View History

2019-02-15 15:39:39 +05:30
# frozen_string_literal: true
2018-11-08 19:23:39 +05:30
module Gitlab
module Git
#
# PreReceiveError is special because its message gets displayed to users
2019-07-07 11:18:12 +05:30
# in the web UI. Because of this, we:
# - Only display errors that have been marked as safe with a prefix.
# This is to prevent leaking of stacktraces, or other sensitive info.
# - Sanitize the string of any XSS
2018-11-08 19:23:39 +05:30
class PreReceiveError < StandardError
2019-07-07 11:18:12 +05:30
SAFE_MESSAGE_PREFIXES = [
'GitLab:', # Messages from gitlab-shell
'GL-HOOK-ERR:' # Messages marked as safe by user
].freeze
2019-07-31 22:56:46 +05:30
SAFE_MESSAGE_REGEX = /^(#{SAFE_MESSAGE_PREFIXES.join('|')})\s*(?<safe_message>.+)/.freeze
2019-07-07 11:18:12 +05:30
2020-10-24 23:57:45 +05:30
attr_reader :raw_message
2020-11-24 15:15:51 +05:30
def initialize(message = '', fallback_message: '')
2020-10-24 23:57:45 +05:30
@raw_message = message
2020-11-24 15:15:51 +05:30
sanitized_msg = sanitize(message)
if sanitized_msg.present?
super(sanitized_msg)
2020-10-24 23:57:45 +05:30
else
2020-11-24 15:15:51 +05:30
super(fallback_message)
2020-10-24 23:57:45 +05:30
end
2018-11-08 19:23:39 +05:30
end
private
# In gitaly-ruby we override this method to do nothing, so that
# sanitization happens in gitlab-rails only.
2019-07-07 11:18:12 +05:30
def sanitize(message)
return message if message.blank?
safe_messages = message.split("\n").map do |msg|
if (match = msg.match(SAFE_MESSAGE_REGEX))
match[:safe_message].presence
end
end
safe_messages = safe_messages.compact.join("\n")
Gitlab::Utils.nlbr(safe_messages)
2018-11-08 19:23:39 +05:30
end
end
end
end