summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorNick Thomas <nick@gitlab.com>2017-09-06 15:20:25 +0100
committerNick Thomas <nick@gitlab.com>2017-09-06 15:29:14 +0100
commitc8bdb20228b34130c7f0525ad92140702dce1e20 (patch)
tree1783f5e8df0534f7df2b8ab371d1359d0cdc38f3 /lib
parent759f34bd0a250cb2cdf1b718837b56bb28fa1939 (diff)
downloadgitlab-ce-c8bdb20228b34130c7f0525ad92140702dce1e20.tar.gz
Remove blank passwords from sanitized URLs
Diffstat (limited to 'lib')
-rw-r--r--lib/gitlab/url_sanitizer.rb13
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/gitlab/url_sanitizer.rb b/lib/gitlab/url_sanitizer.rb
index 9c26490f40f..703adae12cb 100644
--- a/lib/gitlab/url_sanitizer.rb
+++ b/lib/gitlab/url_sanitizer.rb
@@ -19,7 +19,12 @@ module Gitlab
end
def initialize(url, credentials: nil)
- @url = Addressable::URI.parse(url.strip)
+ @url = Addressable::URI.parse(url.to_s.strip)
+
+ %i[user password].each do |symbol|
+ credentials[symbol] = credentials[symbol].presence if credentials&.key?(symbol)
+ end
+
@credentials = credentials
end
@@ -47,8 +52,10 @@ module Gitlab
def generate_full_url
return @url unless valid_credentials?
@full_url = @url.dup
- @full_url.user = credentials[:user].presence
- @full_url.password = credentials[:password].presence
+
+ @full_url.password = credentials[:password]
+ @full_url.user = credentials[:user]
+
@full_url
end