Merge branch 'fix/safe-import-url' into 'master'
Prevent tokens in the import URL to be showed by the UI Quick fix to prevent the import URL to show a user's token. See merge request !3331
This commit is contained in:
commit
642f56c646
2 changed files with 2 additions and 0 deletions
|
@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
|
||||||
|
|
||||||
v 8.6.0 (unreleased)
|
v 8.6.0 (unreleased)
|
||||||
- Add ability to move issue to another project
|
- Add ability to move issue to another project
|
||||||
|
- Prevent tokens in the import URL to be showed by the UI
|
||||||
- Fix bug where wrong commit ID was being used in a merge request diff to show old image (Stan Hu)
|
- Fix bug where wrong commit ID was being used in a merge request diff to show old image (Stan Hu)
|
||||||
- Make HTTP(s) label consistent on clone bar (Stan Hu)
|
- Make HTTP(s) label consistent on clone bar (Stan Hu)
|
||||||
- Add confidential issues
|
- Add confidential issues
|
||||||
|
|
|
@ -435,6 +435,7 @@ class Project < ActiveRecord::Base
|
||||||
def safe_import_url
|
def safe_import_url
|
||||||
result = URI.parse(self.import_url)
|
result = URI.parse(self.import_url)
|
||||||
result.password = '*****' unless result.password.nil?
|
result.password = '*****' unless result.password.nil?
|
||||||
|
result.user = '*****' unless result.user.nil? || result.user == "git" #tokens or other data may be saved as user
|
||||||
result.to_s
|
result.to_s
|
||||||
rescue
|
rescue
|
||||||
self.import_url
|
self.import_url
|
||||||
|
|
Loading…
Reference in a new issue