Skip to content

Commit

Permalink
Clean up ref name rules (#6437) (#6439)
Browse files Browse the repository at this point in the history
  • Loading branch information
mrsdizzie authored and zeripath committed Mar 26, 2019
1 parent 0bf7ed5 commit 63f6764
Show file tree
Hide file tree
Showing 4 changed files with 132 additions and 4 deletions.
2 changes: 1 addition & 1 deletion integrations/repo_branch_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ func TestCreateBranch(t *testing.T) {
OldRefSubURL: "branch/master",
NewBranch: "feature=test1",
ExpectedStatus: http.StatusFound,
FlashMessage: i18n.Tr("en", "form.NewBranchName") + i18n.Tr("en", "form.git_ref_name_error"),
FlashMessage: i18n.Tr("en", "repo.branch.create_success", "feature=test1"),
},
{
OldRefSubURL: "branch/master",
Expand Down
7 changes: 5 additions & 2 deletions modules/validation/binding.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,9 @@ const (

var (
// GitRefNamePattern is regular expression with unallowed characters in git reference name
GitRefNamePattern = regexp.MustCompile("[^\\d\\w-_\\./]")
// They cannot have ASCII control characters (i.e. bytes whose values are lower than \040, or \177 DEL), space, tilde ~, caret ^, or colon : anywhere.
// They cannot have question-mark ?, asterisk *, or open bracket [ anywhere
GitRefNamePattern = regexp.MustCompile(`[\000-\037\177 \\~^:?*[]+`)
)

// AddBindingRules adds additional binding rules
Expand All @@ -44,7 +46,8 @@ func addGitRefNameBindingRule() {
// Additional rules as described at https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html
if strings.HasPrefix(str, "/") || strings.HasSuffix(str, "/") ||
strings.HasSuffix(str, ".") || strings.Contains(str, "..") ||
strings.Contains(str, "//") {
strings.Contains(str, "//") || strings.Contains(str, "@{") ||
str == "@" {
errs.Add([]string{name}, ErrGitRefName, "GitRefName")
return false, errs
}
Expand Down
124 changes: 124 additions & 0 deletions modules/validation/refname_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,13 @@ var gitRefNameValidationTestCases = []validationTestCase{
},
expectedErrors: binding.Errors{},
},
{
description: "Reference name has allowed special characters",
data: TestForm{
BranchName: "debian/1%1.6.0-2",
},
expectedErrors: binding.Errors{},
},
{
description: "Reference name contains backslash",
data: TestForm{
Expand Down Expand Up @@ -129,6 +136,123 @@ var gitRefNameValidationTestCases = []validationTestCase{
},
},
},
{
description: "Reference name is single @",
data: TestForm{
BranchName: "@",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has @{",
data: TestForm{
BranchName: "branch@{",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character ~",
data: TestForm{
BranchName: "~debian/1%1.6.0-2",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character *",
data: TestForm{
BranchName: "*debian/1%1.6.0-2",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character ?",
data: TestForm{
BranchName: "?debian/1%1.6.0-2",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character ^",
data: TestForm{
BranchName: "^debian/1%1.6.0-2",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character :",
data: TestForm{
BranchName: "debian:jessie",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character (whitespace)",
data: TestForm{
BranchName: "debian jessie",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
{
description: "Reference name has unallowed special character [",
data: TestForm{
BranchName: "debian[jessie",
},
expectedErrors: binding.Errors{
binding.Error{
FieldNames: []string{"BranchName"},
Classification: ErrGitRefName,
Message: "GitRefName",
},
},
},
}

func Test_GitRefNameValidation(t *testing.T) {
Expand Down
3 changes: 2 additions & 1 deletion routers/repo/branch.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/util"
)

const (
Expand Down Expand Up @@ -250,5 +251,5 @@ func CreateBranch(ctx *context.Context, form auth.NewBranchForm) {
}

ctx.Flash.Success(ctx.Tr("repo.branch.create_success", form.NewBranchName))
ctx.Redirect(ctx.Repo.RepoLink + "/src/branch/" + form.NewBranchName)
ctx.Redirect(ctx.Repo.RepoLink + "/src/branch/" + util.PathEscapeSegments(form.NewBranchName))
}

0 comments on commit 63f6764

Please sign in to comment.