summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--models/repo_mirror.go33
-rw-r--r--modules/util/sanitize.go48
-rw-r--r--routers/api/v1/repo/repo.go6
-rw-r--r--routers/repo/repo.go8
4 files changed, 64 insertions, 31 deletions
diff --git a/models/repo_mirror.go b/models/repo_mirror.go
index 92e8788fb5..f52b3eb452 100644
--- a/models/repo_mirror.go
+++ b/models/repo_mirror.go
@@ -6,18 +6,18 @@ package models
import (
"fmt"
- "strings"
"time"
- "github.com/Unknwon/com"
- "github.com/go-xorm/xorm"
- "gopkg.in/ini.v1"
-
"code.gitea.io/git"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/process"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/sync"
+ "code.gitea.io/gitea/modules/util"
+
+ "github.com/Unknwon/com"
+ "github.com/go-xorm/xorm"
+ "gopkg.in/ini.v1"
)
// MirrorQueue holds an UniqueQueue object of the mirror
@@ -95,24 +95,6 @@ func (m *Mirror) readAddress() {
}
}
-// HandleCloneUserCredentials replaces user credentials from HTTP/HTTPS URL
-// with placeholder <credentials>.
-// It will fail for any other forms of clone addresses.
-func HandleCloneUserCredentials(url string, mosaics bool) string {
- i := strings.Index(url, "@")
- if i == -1 {
- return url
- }
- start := strings.Index(url, "://")
- if start == -1 {
- return url
- }
- if mosaics {
- return url[:start+3] + "<credentials>" + url[i:]
- }
- return url[:start+3] + url[i+1:]
-}
-
// sanitizeOutput sanitizes output of a command, replacing occurrences of the
// repository's remote address with a sanitized version.
func sanitizeOutput(output, repoPath string) (string, error) {
@@ -122,14 +104,13 @@ func sanitizeOutput(output, repoPath string) (string, error) {
// sanitize.
return "", err
}
- sanitized := HandleCloneUserCredentials(remoteAddr, true)
- return strings.Replace(output, remoteAddr, sanitized, -1), nil
+ return util.SanitizeMessage(output, remoteAddr), nil
}
// Address returns mirror address from Git repository config without credentials.
func (m *Mirror) Address() string {
m.readAddress()
- return HandleCloneUserCredentials(m.address, false)
+ return util.SanitizeURLCredentials(m.address, false)
}
// FullAddress returns mirror address from Git repository config.
diff --git a/modules/util/sanitize.go b/modules/util/sanitize.go
new file mode 100644
index 0000000000..b1c17b29cf
--- /dev/null
+++ b/modules/util/sanitize.go
@@ -0,0 +1,48 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package util
+
+import (
+ "net/url"
+ "strings"
+)
+
+// urlSafeError wraps an error whose message may contain a sensitive URL
+type urlSafeError struct {
+ err error
+ unsanitizedURL string
+}
+
+func (err urlSafeError) Error() string {
+ return SanitizeMessage(err.err.Error(), err.unsanitizedURL)
+}
+
+// URLSanitizedError returns the sanitized version an error whose message may
+// contain a sensitive URL
+func URLSanitizedError(err error, unsanitizedURL string) error {
+ return urlSafeError{err: err, unsanitizedURL: unsanitizedURL}
+}
+
+// SanitizeMessage sanitizes a message which may contains a sensitive URL
+func SanitizeMessage(message, unsanitizedURL string) string {
+ sanitizedURL := SanitizeURLCredentials(unsanitizedURL, true)
+ return strings.Replace(message, unsanitizedURL, sanitizedURL, -1)
+}
+
+// SanitizeURLCredentials sanitizes a url, either removing user credentials
+// or replacing them with a placeholder.
+func SanitizeURLCredentials(unsanitizedURL string, usePlaceholder bool) string {
+ u, err := url.Parse(unsanitizedURL)
+ if err != nil {
+ // don't log the error, since it might contain unsanitized URL.
+ return "(unparsable url)"
+ }
+ if u.User != nil && usePlaceholder {
+ u.User = url.User("<credentials>")
+ } else {
+ u.User = nil
+ }
+ return u.String()
+}
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index 158d373416..b154d50a05 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -9,8 +9,6 @@ import (
"net/http"
"strings"
- api "code.gitea.io/sdk/gitea"
-
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth"
"code.gitea.io/gitea/modules/context"
@@ -18,6 +16,7 @@ import (
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/routers/api/v1/convert"
+ api "code.gitea.io/sdk/gitea"
)
// Search repositories via options
@@ -327,12 +326,13 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) {
RemoteAddr: remoteAddr,
})
if err != nil {
+ err = util.URLSanitizedError(err, remoteAddr)
if repo != nil {
if errDelete := models.DeleteRepository(ctx.User, ctxUser.ID, repo.ID); errDelete != nil {
log.Error(4, "DeleteRepository: %v", errDelete)
}
}
- ctx.Error(500, "MigrateRepository", models.HandleCloneUserCredentials(err.Error(), true))
+ ctx.Error(500, "MigrateRepository", err)
return
}
diff --git a/routers/repo/repo.go b/routers/repo/repo.go
index dbe78f6d1e..36105bfe17 100644
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@@ -20,6 +20,7 @@ import (
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
+ "code.gitea.io/gitea/modules/util"
)
const (
@@ -232,6 +233,9 @@ func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) {
return
}
+ // remoteAddr may contain credentials, so we sanitize it
+ err = util.URLSanitizedError(err, remoteAddr)
+
if repo != nil {
if errDelete := models.DeleteRepository(ctx.User, ctxUser.ID, repo.ID); errDelete != nil {
log.Error(4, "DeleteRepository: %v", errDelete)
@@ -241,11 +245,11 @@ func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) {
if strings.Contains(err.Error(), "Authentication failed") ||
strings.Contains(err.Error(), "could not read Username") {
ctx.Data["Err_Auth"] = true
- ctx.RenderWithErr(ctx.Tr("form.auth_failed", models.HandleCloneUserCredentials(err.Error(), true)), tplMigrate, &form)
+ ctx.RenderWithErr(ctx.Tr("form.auth_failed", err.Error()), tplMigrate, &form)
return
} else if strings.Contains(err.Error(), "fatal:") {
ctx.Data["Err_CloneAddr"] = true
- ctx.RenderWithErr(ctx.Tr("repo.migrate.failed", models.HandleCloneUserCredentials(err.Error(), true)), tplMigrate, &form)
+ ctx.RenderWithErr(ctx.Tr("repo.migrate.failed", err.Error()), tplMigrate, &form)
return
}
stable29 Nextcloud server, a safe home for all your data: https://github.com/nextcloud/serverwww-data
summaryrefslogtreecommitdiffstats
path: root/apps/federatedfilesharing/l10n/cs_CZ.js
blob: bb7b85319afb0cd18513efcfa254663ff331e281 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
OC.L10N.register(
    "federatedfilesharing",
    {
    "Federated sharing" : "Propojené sdílení",
    "Do you want to add the remote share {name} from {owner}@{remote}?" : "Chcete přidat vzdálené sdílení {name} od {owner}@{remote}?",
    "Remote share" : "Vzdálené sdílení",
    "Remote share password" : "Heslo vzdáleného sdílení",
    "Cancel" : "Zrušit",
    "Add remote share" : "Přidat propojené sdílení",
    "Copy" : "Kopie",
    "Copied!" : "Zkopírováno!",
    "Not supported!" : "Nepodporováno!",
    "Press ⌘-C to copy." : "Zmáčknout ⌘-C pro kopírování.",
    "Press Ctrl-C to copy." : "Zmáčknout Ctrl-C pro kopírování.",
    "Invalid Federated Cloud ID" : "Neplatné sdružené cloud ID",
    "Server to server sharing is not enabled on this server" : "Sdílení ze serveru na server není na tomto serveru povoleno",
    "Couldn't establish a federated share." : "Nepodařilo se ustavit spojené sdílení.",
    "Couldn't establish a federated share, maybe the password was wrong." : "Nepodařilo se ustavit propojené sdílení, heslo může být nesprávné.",
    "Federated Share request was successful, you will receive a invitation. Check your notifications." : "Požadavek na spojené sdílení uspěl, obdržíte pozvánku. Zkontrolujte vaše upozornění.",
    "The mountpoint name contains invalid characters." : "Jméno přípojného bodu obsahuje neplatné znaky.",
    "Not allowed to create a federated share with the owner." : "ONení povoleno s autorem vytvořit propojené sdílení.",
    "Invalid or untrusted SSL certificate" : "Neplatný nebo nedůvěryhodný SSL certifikát",
    "Could not authenticate to remote share, password might be wrong" : "Autentizace ke vzdálenému sdílení selhala, heslo může být nesprávné",
    "Storage not valid" : "Úložiště není platné",
    "Federated Share successfully added" : "Propojené sdílení úspěšně přidáno",
    "Couldn't add remote share" : "Nepodařilo se přidat propojené sdílení",
    "Sharing %s failed, because this item is already shared with %s" : "Sdílení položky %s selhalo, protože položka již je s uživatelem %s sdílena",
    "Not allowed to create a federated share with the same user" : "Není povoleno vytvořit propojené sdílení s tím samým uživatelem",
    "File is already shared with %s" : "Soubor je již sdílen s %s",
    "Sharing %s failed, could not find %s, maybe the server is currently unreachable or uses a self-signed certificate." : "Sdílení %s selhalo, %s se nepodařilo nalézt, server pravděpodobně právě není dostupný nebo používá self-signed certifikát.",
    "Could not find share" : "Nelze nalézt sdílení",
    "You received \"%3$s\" as a remote share from %1$s (on behalf of %2$s)" : "Obdržel(a) jste %3$s jako vzdálené sdílení od %1$s (jménem %2$s)",
    "You received {share} as a remote share from {user} (on behalf of {behalf})" : "Obdržel(a) jste {share} jako vzdálené sdílení od {user} (jménem {behalf})",
    "You received \"%3$s\" as a remote share from %1$s" : "Obdržel(a) jste %3$s jako vzdálené sdílení od %1$s",
    "You received {share} as a remote share from {user}" : "Obdržel(a) jste {share} jako vzdálené sdílení od {user}",
    "Accept" : "Přijmout",
    "Decline" : "Zamítnout",
    "Share with me through my #Nextcloud Federated Cloud ID, see %s" : "Sdílej se mnou pomocí mého #Nextcloud sdruženého cloud ID, více na %s",
    "Share with me through my #Nextcloud Federated Cloud ID" : "Sdílej se mnou pomocí mého #Nextcloud sdruženého cloud ID",
    "Federated Cloud Sharing" : "Propojené cloudové sdílení",
    "Open documentation" : "Otevřít dokumentaci",
    "Allow users on this server to send shares to other servers" : "Povolit uživatelům z tohoto serveru zasílat sdílení na jiné servery",
    "Allow users on this server to receive shares from other servers" : "Povolit uživatelům na tomto serveru přijímat sdílení z jiných serverů",
    "Search global and public address book for users" : "Hledat uživatele v globálním a veřejném adresáři",
    "Federated Cloud" : "Sdružený cloud",
    "Your Federated Cloud ID:" : "Vaše sdružené cloud ID:",
    "Share it:" : "Sdílet:",
    "Add to your website" : "Přidat na svou webovou stránku",
    "Share with me via Nextcloud" : "Sdíleno se mnou přes Nextcloud",
    "HTML Code:" : "HTML kód:",
    "Sharing %s failed, could not find %s, maybe the server is currently unreachable." : "Sdílení %s selhalo, %s se nepodařilo nalézt, server pravděpodobně právě není dostupný.",
    "You received \"/%3$s\" as a remote share from %1$s (on behalf of %2$s)" : "Obdrželi jste \"/%3$s\" jako vzdálené sdílení od %1$s (zastupuje %2$s)",
    "You received \"/%3$s\" as a remote share from %1$s" : "Obdrželi jste \"/%3$s\" jako vzdálené sdílení od %1$s"
},
"nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;");