Explicitly reject non http(s) schemes
Rather than relying on NoMethodError deep inside faraday
This commit is contained in:
parent
46ef495488
commit
d6a7408fd3
2 changed files with 22 additions and 2 deletions
|
@ -82,7 +82,10 @@ module ContainerRegistry
|
||||||
def redirect_response(location)
|
def redirect_response(location)
|
||||||
return unless location
|
return unless location
|
||||||
|
|
||||||
faraday_redirect.get(location)
|
uri = URI(@base_uri).merge(location)
|
||||||
|
raise ArgumentError, "Invalid scheme for #{location}" unless %w[http https].include?(uri.scheme)
|
||||||
|
|
||||||
|
faraday_redirect.get(uri)
|
||||||
end
|
end
|
||||||
|
|
||||||
def faraday
|
def faraday
|
||||||
|
|
|
@ -112,11 +112,28 @@ describe ContainerRegistry::Blob do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'for a relative address' do
|
||||||
|
before do
|
||||||
|
stub_request(:get, 'http://registry.gitlab/relative')
|
||||||
|
.with { |request| !request.headers.include?('Authorization') }
|
||||||
|
.to_return(
|
||||||
|
status: 200,
|
||||||
|
headers: { 'Content-Type' => 'application/json' },
|
||||||
|
body: '{"key":"value"}')
|
||||||
|
end
|
||||||
|
|
||||||
|
let(:location) { '/relative' }
|
||||||
|
|
||||||
|
it 'returns correct data' do
|
||||||
|
expect(blob.data).to eq '{"key":"value"}'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
context 'for invalid file' do
|
context 'for invalid file' do
|
||||||
let(:location) { 'file:///etc/passwd' }
|
let(:location) { 'file:///etc/passwd' }
|
||||||
|
|
||||||
it 'raises an error' do
|
it 'raises an error' do
|
||||||
expect { blob.data }.to raise_error(NoMethodError, %q{undefined method `request_uri' for #<URI::File file:///etc/passwd>})
|
expect { blob.data }.to raise_error(ArgumentError, 'Invalid scheme for file:///etc/passwd')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue