forked from farhoodlabs/paperclip
fix: add HTTPS protocol check to server-side GitHub URL parsers
This commit is contained in:
@@ -2567,6 +2567,9 @@ function normalizeGitHubSourcePath(value: string | null | undefined) {
|
|||||||
|
|
||||||
export function parseGitHubSourceUrl(rawUrl: string) {
|
export function parseGitHubSourceUrl(rawUrl: string) {
|
||||||
const url = new URL(rawUrl);
|
const url = new URL(rawUrl);
|
||||||
|
if (url.protocol !== "https:") {
|
||||||
|
throw unprocessable("GitHub source URL must use HTTPS");
|
||||||
|
}
|
||||||
const hostname = url.hostname;
|
const hostname = url.hostname;
|
||||||
const parts = url.pathname.split("/").filter(Boolean);
|
const parts = url.pathname.split("/").filter(Boolean);
|
||||||
if (parts.length < 2) {
|
if (parts.length < 2) {
|
||||||
|
|||||||
@@ -512,6 +512,9 @@ async function resolveGitHubCommitSha(owner: string, repo: string, ref: string,
|
|||||||
|
|
||||||
function parseGitHubSourceUrl(rawUrl: string) {
|
function parseGitHubSourceUrl(rawUrl: string) {
|
||||||
const url = new URL(rawUrl);
|
const url = new URL(rawUrl);
|
||||||
|
if (url.protocol !== "https:") {
|
||||||
|
throw unprocessable("GitHub source URL must use HTTPS");
|
||||||
|
}
|
||||||
const parts = url.pathname.split("/").filter(Boolean);
|
const parts = url.pathname.split("/").filter(Boolean);
|
||||||
if (parts.length < 2) {
|
if (parts.length < 2) {
|
||||||
throw unprocessable("Invalid GitHub URL");
|
throw unprocessable("Invalid GitHub URL");
|
||||||
|
|||||||
Reference in New Issue
Block a user