Do not convert file path to lowercase (#15023)

* Do not convert file path to lowercase.

* lint

* Check against lowercase hostname.

2 files changed, 7 insertions, 3 deletions

diff --git a/modules/migrations/migrate.go b/modules/migrations/migrate.go
index 619b572a3f..75fee80a39 100644
--- a/modules/migrations/migrate.go
+++ b/modules/migrations/migrate.go
@@ -39,7 +39,7 @@ func RegisterDownloaderFactory(factory base.DownloaderFactory) {
 // IsMigrateURLAllowed checks if an URL is allowed to be migrated from
 func IsMigrateURLAllowed(remoteURL string, doer *models.User) error {
 	// Remote address can be HTTP/HTTPS/Git URL or local path.
-	u, err := url.Parse(strings.ToLower(remoteURL))
+	u, err := url.Parse(remoteURL)
 	if err != nil {
 		return &models.ErrInvalidCloneAddr{IsURLError: true}
 	}
@@ -72,12 +72,13 @@ func IsMigrateURLAllowed(remoteURL string, doer *models.User) error {
 		return &models.ErrInvalidCloneAddr{Host: u.Host, IsProtocolInvalid: true, IsPermissionDenied: true, IsURLError: true}
 	}
 
+	host := strings.ToLower(u.Host)
 	if len(setting.Migrations.AllowedDomains) > 0 {
-		if !allowList.Match(u.Host) {
+		if !allowList.Match(host) {
 			return &models.ErrInvalidCloneAddr{Host: u.Host, IsPermissionDenied: true}
 		}
 	} else {
-		if blockList.Match(u.Host) {
+		if blockList.Match(host) {
 			return &models.ErrInvalidCloneAddr{Host: u.Host, IsPermissionDenied: true}
 		}
 	}
diff --git a/modules/migrations/migrate_test.go b/modules/migrations/migrate_test.go
index be119d32d3..98ee2dfc4a 100644
--- a/modules/migrations/migrate_test.go
+++ b/modules/migrations/migrate_test.go
@@ -29,6 +29,9 @@ func TestMigrateWhiteBlocklist(t *testing.T) {
 	err = IsMigrateURLAllowed("https://github.com/go-gitea/gitea.git", nonAdminUser)
 	assert.NoError(t, err)
 
+	err = IsMigrateURLAllowed("https://gITHUb.com/go-gitea/gitea.git", nonAdminUser)
+	assert.NoError(t, err)
+
 	setting.Migrations.AllowedDomains = []string{}
 	setting.Migrations.BlockedDomains = []string{"github.com"}
 	assert.NoError(t, Init())