diff options
| author | Ethan Koenig <ethantkoenig@gmail.com> | 2017-12-03 17:48:03 -0800 |
|---|---|---|
| committer | Lauris BH <lauris@nix.lv> | 2017-12-04 03:48:03 +0200 |
| commit | 3c1b1ca78e93fb464a5bb64aae9d845bc9f0b9c0 (patch) | |
| tree | 8bdb041a1a0888a39b967006d20e1997c4b4fce4 /routers | |
| parent | 5dc37b187c8b839a15ff73758799f218ddeb3bc9 (diff) | |
| download | gitea-3c1b1ca78e93fb464a5bb64aae9d845bc9f0b9c0.tar.gz gitea-3c1b1ca78e93fb464a5bb64aae9d845bc9f0b9c0.zip | |
Fix error message sanitiziation (#3082)
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/api/v1/repo/repo.go | 6 | ||||
| -rw-r--r-- | routers/repo/repo.go | 8 |
2 files changed, 9 insertions, 5 deletions
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go index 158d373416..b154d50a05 100644 --- a/routers/api/v1/repo/repo.go +++ b/routers/api/v1/repo/repo.go @@ -9,8 +9,6 @@ import ( "net/http" "strings" - api "code.gitea.io/sdk/gitea" - "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" @@ -18,6 +16,7 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/routers/api/v1/convert" + api "code.gitea.io/sdk/gitea" ) // Search repositories via options @@ -327,12 +326,13 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) { RemoteAddr: remoteAddr, }) if err != nil { + err = util.URLSanitizedError(err, remoteAddr) if repo != nil { if errDelete := models.DeleteRepository(ctx.User, ctxUser.ID, repo.ID); errDelete != nil { log.Error(4, "DeleteRepository: %v", errDelete) } } - ctx.Error(500, "MigrateRepository", models.HandleCloneUserCredentials(err.Error(), true)) + ctx.Error(500, "MigrateRepository", err) return } diff --git a/routers/repo/repo.go b/routers/repo/repo.go index dbe78f6d1e..36105bfe17 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -20,6 +20,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" ) const ( @@ -232,6 +233,9 @@ func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) { return } + // remoteAddr may contain credentials, so we sanitize it + err = util.URLSanitizedError(err, remoteAddr) + if repo != nil { if errDelete := models.DeleteRepository(ctx.User, ctxUser.ID, repo.ID); errDelete != nil { log.Error(4, "DeleteRepository: %v", errDelete) @@ -241,11 +245,11 @@ func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) { if strings.Contains(err.Error(), "Authentication failed") || strings.Contains(err.Error(), "could not read Username") { ctx.Data["Err_Auth"] = true - ctx.RenderWithErr(ctx.Tr("form.auth_failed", models.HandleCloneUserCredentials(err.Error(), true)), tplMigrate, &form) + ctx.RenderWithErr(ctx.Tr("form.auth_failed", err.Error()), tplMigrate, &form) return } else if strings.Contains(err.Error(), "fatal:") { ctx.Data["Err_CloneAddr"] = true - ctx.RenderWithErr(ctx.Tr("repo.migrate.failed", models.HandleCloneUserCredentials(err.Error(), true)), tplMigrate, &form) + ctx.RenderWithErr(ctx.Tr("repo.migrate.failed", err.Error()), tplMigrate, &form) return } |