diff options
| author | Jonathan <jonacom@lissismore.com> | 2021-09-17 12:39:25 -0600 |
|---|---|---|
| committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2021-09-22 10:14:48 +0900 |
| commit | 13bb16f41edb4682f76d02a9bf2e4d65b443dcf8 (patch) | |
| tree | 80f36bd2d4dc07e15a1aa6cbef72bfa69c29a6d3 /lib | |
| parent | 42dcac00b156d403f5bde0c9c709bc35a9c8e963 (diff) | |
| download | ruby-13bb16f41edb4682f76d02a9bf2e4d65b443dcf8.tar.gz | |
[rubygems/rubygems] Fix bug where redacted credentials are sent to server
Implement deep cloning for `Gem::Uri` class to fix a bug where redacting
credentials modifies the URI string in place instead of returning a
modified copy.
https://github.com/rubygems/rubygems/commit/eafb5a279b
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/rubygems/uri.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/rubygems/uri.rb b/lib/rubygems/uri.rb index 031d7e01c3..ba30fac2f5 100644 --- a/lib/rubygems/uri.rb +++ b/lib/rubygems/uri.rb @@ -43,6 +43,11 @@ class Gem::Uri @parsed_uri.respond_to?(method_name, include_private) || super end + protected + + # Add a protected reader for the cloned instance to access the original object's parsed uri + attr_reader :parsed_uri + private ## @@ -99,4 +104,8 @@ class Gem::Uri def token? !user.nil? && password.nil? end + + def initialize_copy(original) + @parsed_uri = original.parsed_uri.clone + end end |