Merge ~cjwatson/launchpad-buildd:tighten-url-sanitization into launchpad-buildd:master
Proposed by
Colin Watson
Status: | Merged |
---|---|
Approved by: | Colin Watson |
Approved revision: | 311be87080b813545c9bdffb8aef4d4d2d451092 |
Merge reported by: | Otto Co-Pilot |
Merged at revision: | not available |
Proposed branch: | ~cjwatson/launchpad-buildd:tighten-url-sanitization |
Merge into: | launchpad-buildd:master |
Diff against target: |
86 lines (+48/-1) 3 files modified
debian/changelog (+1/-0) lpbuildd/builder.py (+1/-1) lpbuildd/tests/test_builder.py (+46/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Andrey Fedoseev (community) | Approve | ||
Review via email: mp+427515@code.launchpad.net |
Commit message
Make URL sanitization a little less greedy
Description of the change
It could previously be confused by multiple URLs on the same line, resulting in very confusing output in build logs. This change is safe because RFC 1738 says:
Within the user and password field, any ":", "@", or "/" must be encoded.
To post a comment you must log in.
Could you add a test for the case when username/password include the special characters (":", "@", or "/")?