Only allow strings in URL::Sanitizer.valid?
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55079
This commit is contained in:
parent
7cb0dd9859
commit
401be1d17f
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Only allow strings in URL::Sanitizer.valid?
|
||||
merge_request: 23675
|
||||
author:
|
||||
type: fixed
|
|
@ -14,6 +14,7 @@ module Gitlab
|
|||
|
||||
def self.valid?(url)
|
||||
return false unless url.present?
|
||||
return false unless url.is_a?(String)
|
||||
|
||||
uri = Addressable::URI.parse(url.strip)
|
||||
|
||||
|
|
|
@ -41,6 +41,7 @@ describe Gitlab::UrlSanitizer do
|
|||
false | '123://invalid:url'
|
||||
false | 'valid@project:url.git'
|
||||
false | 'valid:pass@project:url.git'
|
||||
false | %w(test array)
|
||||
true | 'ssh://example.com'
|
||||
true | 'ssh://:@example.com'
|
||||
true | 'ssh://foo@example.com'
|
||||
|
|
Loading…
Reference in New Issue