diff options
| author | Nick Thomas <nick@gitlab.com> | 2017-09-06 15:20:25 +0100 |
|---|---|---|
| committer | Nick Thomas <nick@gitlab.com> | 2017-09-06 15:29:14 +0100 |
| commit | c8bdb20228b34130c7f0525ad92140702dce1e20 (patch) | |
| tree | 1783f5e8df0534f7df2b8ab371d1359d0cdc38f3 /lib/gitlab | |
| parent | 759f34bd0a250cb2cdf1b718837b56bb28fa1939 (diff) | |
| download | gitlab-ce-c8bdb20228b34130c7f0525ad92140702dce1e20.tar.gz | |
Remove blank passwords from sanitized URLs
Diffstat (limited to 'lib/gitlab')
| -rw-r--r-- | lib/gitlab/url_sanitizer.rb | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/gitlab/url_sanitizer.rb b/lib/gitlab/url_sanitizer.rb index 9c26490f40f..703adae12cb 100644 --- a/lib/gitlab/url_sanitizer.rb +++ b/lib/gitlab/url_sanitizer.rb @@ -19,7 +19,12 @@ module Gitlab end def initialize(url, credentials: nil) - @url = Addressable::URI.parse(url.strip) + @url = Addressable::URI.parse(url.to_s.strip) + + %i[user password].each do |symbol| + credentials[symbol] = credentials[symbol].presence if credentials&.key?(symbol) + end + @credentials = credentials end @@ -47,8 +52,10 @@ module Gitlab def generate_full_url return @url unless valid_credentials? @full_url = @url.dup - @full_url.user = credentials[:user].presence - @full_url.password = credentials[:password].presence + + @full_url.password = credentials[:password] + @full_url.user = credentials[:user] + @full_url end |