diff options
| author | Junio C Hamano <gitster@pobox.com> | 2022-06-13 15:53:42 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2022-06-13 15:53:42 -0700 |
| commit | 11698e551ce0590af6d7ce1f5b683eca27e68ab3 (patch) | |
| tree | 12296178753060a876dbf5105c7a258ebf7afdb4 /t/t5516-fetch-push.sh | |
| parent | eef985e17af956b341b08ed7ad47f3941cb7da94 (diff) | |
| parent | 6dcbdc0d6616d7fbd2445aa2237b22e3c172ea85 (diff) | |
| download | git-11698e551ce0590af6d7ce1f5b683eca27e68ab3.tar.gz | |
Merge branch 'ds/credentials-in-url'
The "fetch.credentialsInUrl" configuration variable controls what
happens when a URL with embedded login credential is used.
* ds/credentials-in-url:
remote: create fetch.credentialsInUrl config
Diffstat (limited to 't/t5516-fetch-push.sh')
| -rwxr-xr-x | t/t5516-fetch-push.sh | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/t/t5516-fetch-push.sh b/t/t5516-fetch-push.sh index e99c31f8c3..dedca106a7 100755 --- a/t/t5516-fetch-push.sh +++ b/t/t5516-fetch-push.sh @@ -12,6 +12,7 @@ This test checks the following functionality: * --porcelain output format * hiderefs * reflogs +* URL validation ' GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main @@ -1833,4 +1834,35 @@ test_expect_success 'refuse to push a hidden ref, and make sure do not pollute t test_dir_is_empty testrepo/.git/objects/pack ' +test_expect_success 'fetch warns or fails when using username:password' ' + message="URL '\''https://username:<redacted>@localhost/'\'' uses plaintext credentials" && + test_must_fail git -c fetch.credentialsInUrl=allow fetch https://username:password@localhost 2>err && + ! grep "$message" err && + + test_must_fail git -c fetch.credentialsInUrl=warn fetch https://username:password@localhost 2>err && + grep "warning: $message" err >warnings && + test_line_count = 3 warnings && + + test_must_fail git -c fetch.credentialsInUrl=die fetch https://username:password@localhost 2>err && + grep "fatal: $message" err >warnings && + test_line_count = 1 warnings && + + test_must_fail git -c fetch.credentialsInUrl=die fetch https://username:@localhost 2>err && + grep "fatal: $message" err >warnings && + test_line_count = 1 warnings +' + + +test_expect_success 'push warns or fails when using username:password' ' + message="URL '\''https://username:<redacted>@localhost/'\'' uses plaintext credentials" && + test_must_fail git -c fetch.credentialsInUrl=allow push https://username:password@localhost 2>err && + ! grep "$message" err && + + test_must_fail git -c fetch.credentialsInUrl=warn push https://username:password@localhost 2>err && + grep "warning: $message" err >warnings && + test_must_fail git -c fetch.credentialsInUrl=die push https://username:password@localhost 2>err && + grep "fatal: $message" err >warnings && + test_line_count = 1 warnings +' + test_done |