author | Lunny Xiao <xiaolunwen@gmail.com> | 2022-03-27 19:54:09 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-27 12:54:09 +0100 |
commit | c29fbc6d2316b8b42b37c3b379eb2297f7a93aeb (patch) | |
tree | 4583000b6e93fd6481bd013011cd58e3272aefad /modules/git | |
parent | 41b60d94db2b51ec4554b09e51ec6523e5cdfea4 (diff) | |
Hide sensitive content on admin panel progress monitor (#19218)
Sanitize urls within git process descriptions.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'modules/git')
-rw-r--r-- | modules/git/command.go | 17 | ||||
-rw-r--r-- | modules/git/repo.go | 12 |
2 files changed, 28 insertions, 1 deletions
diff --git a/modules/git/command.go b/modules/git/command.go
index ac26ef8689..8199498a2b 100644
--- a/modules/git/command.go
+++ b/modules/git/command.go
@@ -17,6 +17,7 @@ import (
 "code.gitea.io/gitea/modules/log"
 "code.gitea.io/gitea/modules/process"
+ "code.gitea.io/gitea/modules/util"
 )
 var (
@@ -142,7 +143,21 @@ func (c *Command) RunWithContext(rc *RunContext) error {
 desc := c.desc
 if desc == "" {
- desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(c.args[c.globalArgsLength:], " "), rc.Dir)
+ args := c.args[c.globalArgsLength:]
+ var argSensitiveURLIndexes []int
+ for i, arg := range c.args {
+ if strings.Contains(arg, "://") && strings.Contains(arg, "@") {
+ argSensitiveURLIndexes = append(argSensitiveURLIndexes, i)
+ }
+ }
+ if len(argSensitiveURLIndexes) > 0 {
+ args = make([]string, len(c.args))
+ copy(args, c.args)
+ for _, urlArgIndex := range argSensitiveURLIndexes {
+ args[urlArgIndex] = util.NewStringURLSanitizer(args[urlArgIndex], true).Replace(args[urlArgIndex])
+ }
+ }
+ desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(args, " "), rc.Dir)
 }
 ctx, cancel, finished := process.GetManager().AddContextTimeout(c.parentContext, rc.Timeout, desc)
diff --git a/modules/git/repo.go b/modules/git/repo.go
index 5ba39ac7e3..b886d5ed45 100644
--- a/modules/git/repo.go
+++ b/modules/git/repo.go
@@ -19,6 +19,7 @@ import (
 "time"
 "code.gitea.io/gitea/modules/proxy"
+ "code.gitea.io/gitea/modules/util"
 )
 // GPGSettings represents the default GPG settings for this repository
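Review bot: In RunWithContext the scan loop ranges over `c.args` while the default description uses `c.args[c.globalArgsLength:]`, so whenever a credentialed URL is found `args` becomes a copy of the full `c.args` and the description then includes the global arguments that the unsanitized path leaves out. Ranging over the trimmed slice keeps both paths identical: `for i, arg := range args {` and `args = append([]string(nil), args...)` in place of the `make`/`copy` pair. This branch also runs only when `c.desc` is empty, so any caller that sets its own description has to sanitize it itself; a comment saying so on the `if desc == ""` line would help. The function body starts and ends outside the hunk.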
@@ -154,6 +155,12 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo
 }
 cmd.AddArguments("--", from, to)
+ if strings.Contains(from, "://") && strings.Contains(from, "@") {
+ cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, util.NewStringURLSanitizer(from, true).Replace(from), to, opts.Shared, opts.Mirror, opts.Depth))
+ } else {
+ cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, from, to, opts.Shared, opts.Mirror, opts.Depth))
+ }
+
 if opts.Timeout <= 0 {
 opts.Timeout = -1
 }
@@ -201,6 +208,11 @@ func Push(ctx context.Context, repoPath string, opts PushOptions) error {
 if len(opts.Branch) > 0 {
 cmd.AddArguments(opts.Branch)
 }
+ if strings.Contains(opts.Remote, "://") && strings.Contains(opts.Remote, "@") {
+ cmd.SetDescription(fmt.Sprintf("push branch %s to %s (force: %t, mirror: %t)", opts.Branch, util.NewStringURLSanitizer(opts.Remote, true).Replace(opts.Remote), opts.Force, opts.Mirror))
+ } else {
+ cmd.SetDescription(fmt.Sprintf("push branch %s to %s (force: %t, mirror: %t)", opts.Branch, opts.Remote, opts.Force, opts.Mirror))
+ }
 var outbuf, errbuf strings.Builder
 if opts.Timeout == 0 { |
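Review bot: Both branches of the new `if` in CloneWithArgs repeat the same format string and differ only in the `from` argument, so a later edit to one message can silently miss the other; the Push hunk further down has the same shape. Choosing the displayed URL first and calling `SetDescription` once removes the duplication and keeps the credential check in a single spot per call site. The `://` plus `@` test is now written three times across this commit, so a small shared helper would be worth considering. The function starts before the hunk and continues after it.

```go
cmd.AddArguments("--", from, to)

// Only the description is sanitized; git still receives the original URL.
descFrom := from
if strings.Contains(from, "://") && strings.Contains(from, "@") {
	descFrom = util.NewStringURLSanitizer(from, true).Replace(from)
}
cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, descFrom, to, opts.Shared, opts.Mirror, opts.Depth))
// … unchanged: timeout handling …
```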
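Review bot: The new description in Push hides credentials from the process monitor, but `errbuf`, declared right below it, collects git's stderr, and from this hunk it is not possible to tell whether that text is sanitized before it is logged or returned. Git error output may echo the remote URL, so it is worth confirming that the same sanitizer is applied on that path, or at least adding a comment such as `// stderr may contain opts.Remote; sanitize before logging` next to `errbuf`. The rest of Push is outside the hunk.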