Merge branch '10772-fix-urlencoded-branchname' into 'master'

Fix front-end for branches that happen to contain urlencoding escape characters (e.g. %) _Originally opened at !3574 by @ewiltshi._ - - - Adding a branch with a name like "foo%20bar" (via command-line) and setting it to the project's default branch causes the project "show" page to 404 for that project. "assign_ref_vars" unescapes the branch name ("foo%20bar" ==> "foo bar"), making GitLab look for a non-existent branch. This MR adds logic to skip the URL unescaping step in "assign_ref_vars". Fixes #10772, #14992, #15304. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5770
2016-08-11 13:03:09 +00:00 · 2016-08-11 13:03:09 +00:00 · a081b842f9
parent 2fee833767 68cea38e94
commit a081b842f9
3 changed files with 18 additions and 4 deletions
--- a/1
+++ b/1
@ -6,6 +6,7 @@ v 8.11.0 (unreleased)
  - Fix rename `add_users_into_project` and `projects_ids`. !20512 (herminiotorres)
  - Fix the title of the toggle dropdown button. !5515 (herminiotorres)
  - Improve diff performance by eliminating redundant checks for text blobs
+  - Ensure that branch names containing escapable characters (e.g. %20) aren't unescaped indiscriminately. !5770 (ewiltshi)
  - Convert switch icon into icon font (ClemMakesApps)
  - API: Endpoints for enabling and disabling deploy keys
  - API: List access requests, request access, approve, and deny access requests to a project or a group. !4833
--- a/lib/extracts_path.rb
+++ b/lib/extracts_path.rb
@ -94,7 +94,7 @@ module ExtractsPath
    @options = params.select {|key, value| allowed_options.include?(key) && !value.blank? }
    @options = HashWithIndifferentAccess.new(@options)

-    @id = Addressable::URI.unescape(get_id)
+    @id = Addressable::URI.normalize_component(get_id)
    @ref, @path = extract_ref(@id)
    @repo = @project.repository
    if @options[:extended_sha1].blank?
--- a/spec/lib/extracts_path_spec.rb
+++ b/spec/lib/extracts_path_spec.rb
@ -30,15 +30,28 @@ describe ExtractsPath, lib: true do
      expect(@logs_path).to eq("/#{@project.path_with_namespace}/refs/#{ref}/logs_tree/files/ruby/popen.rb")
    end

-    context 'escaped sequences in ref' do
-      let(:ref) { "improve%2Fawesome" }
+    context 'escaped slash character in ref' do
+      let(:ref) { 'improve%2Fawesome' }

-      it "id has no escape sequences" do
+      it 'has no escape sequences in @ref or @logs_path' do
        assign_ref_vars
+
        expect(@ref).to eq('improve/awesome')
        expect(@logs_path).to eq("/#{@project.path_with_namespace}/refs/#{ref}/logs_tree/files/ruby/popen.rb")
      end
    end
+
+    context 'ref contains %20' do
+      let(:ref) { 'foo%20bar' }
+
+      it 'is not converted to a space in @id' do
+        @project.repository.add_branch(@project.owner, 'foo%20bar', 'master')
+
+        assign_ref_vars
+
+        expect(@id).to start_with('foo%20bar/')
+      end
+    end
  end

  describe '#extract_ref' do