Fix front-end for branches that happen to contain urlencoding escape characters (e.g. %)

Signed-off-by: N Rémy Coutable <remy@rymai.me>

Fix front-end for branches that happen to contain urlencoding escape characters (e.g. %)
Signed-off-by: N Rémy Coutable <remy@rymai.me>
68cea38e · Elliot · Rémy Coutable · 3a46eac1 · 68cea38e · 68cea38e
隐藏空白更改
内联并排

Showing with 18 addition and 4 deletion

CHANGELOG CHANGELOG +1 -0

lib/extracts_path.rb lib/extracts_path.rb +1 -1

spec/lib/extracts_path_spec.rb spec/lib/extracts_path_spec.rb +16 -3

未找到文件。
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -5,6 +5,7 @@ v 8.11.0 (unreleased)
  - Fix rename `add_users_into_project` and `projects_ids`. !20512 (herminiotorres)
  - Fix the title of the toggle dropdown button. !5515 (herminiotorres)
  - Improve diff performance by eliminating redundant checks for text blobs
+  - Ensure that branch names containing escapable characters (e.g. %20) aren't unescaped indiscriminately. !5770 (ewiltshi)
  - Convert switch icon into icon font (ClemMakesApps)
  - API: Endpoints for enabling and disabling deploy keys
  - Use long options for curl examples in documentation !5703 (winniehell)

--- a/lib/extracts_path.rb
+++ b/lib/extracts_path.rb
@@ -94,7 +94,7 @@ module ExtractsPath
    @options = params.select {|key, value| allowed_options.include?(key) && !value.blank? }
    @options = HashWithIndifferentAccess.new(@options)

-    @id = Addressable::URI.unescape(get_id)
+    @id = Addressable::URI.normalize_component(get_id)
    @ref, @path = extract_ref(@id)
    @repo = @project.repository
    if @options[:extended_sha1].blank?

--- a/spec/lib/extracts_path_spec.rb
+++ b/spec/lib/extracts_path_spec.rb
@@ -30,15 +30,28 @@ describe ExtractsPath, lib: true do
      expect(@logs_path).to eq("/#{@project.path_with_namespace}/refs/#{ref}/logs_tree/files/ruby/popen.rb")
    end

-    context 'escaped sequences in ref' do
-      let(:ref) { "improve%2Fawesome" }
+    context 'escaped slash character in ref' do
+      let(:ref) { 'improve%2Fawesome' }

-      it "id has no escape sequences" do
+      it 'has no escape sequences in @ref or @logs_path' do
        assign_ref_vars
+
        expect(@ref).to eq('improve/awesome')
        expect(@logs_path).to eq("/#{@project.path_with_namespace}/refs/#{ref}/logs_tree/files/ruby/popen.rb")
      end
    end
+
+    context 'ref contains %20' do
+      let(:ref) { 'foo%20bar' }
+
+      it 'is not converted to a space in @id' do
+        @project.repository.add_branch(@project.owner, 'foo%20bar', 'master')
+
+        assign_ref_vars
+
+        expect(@id).to start_with('foo%20bar/')
+      end
+    end
  end

  describe '#extract_ref' do