| << Back to previous view |
|
[QB-2555] HTTP basic auth information not URI encoded when cloning repository
|
|
| Status: | Closed |
| Project: | QuickBuild |
| Component/s: | None |
| Affects Version/s: | 5.1.35 |
| Fix Version/s: | 6.0.0 |
| Type: | Bug | Priority: | Minor |
| Reporter: | Tim Earle | Assigned To: | Steve Luo |
| Resolution: | Won't Fix | Votes: | 0 |
| Remaining Estimate: | 1 hour | Time Spent: | Unknown |
| Original Estimate: | 1 hour | ||
| Description |
|
The user and password information is not URI encoded when the request is made.
The easiest scenario is as follows: Some SCM management systems allow a username to be a password (GitLab is one, RhodeCode as well if memory serves). It's also possible to have special characters in passwords (enforced in many cases as well). Create a username with an {{@}} symbol in it and attempt to clone a repository. Git will return an error saying that it's not a valid Git path. Replace the {{@}} in the username with {{%40}}. {{http://[email protected]:[email protected]/path/to/repo.git}} = error {{http://user%40example.com:[email protected]/path/to/repo.git}} = success |
| Comments |
| Comment by Tim Earle [ 07/Oct/15 12:50 PM ] |
|
Apparently the "clone" feature doesn't allow you to make updates to the ticket details.
The affected version is 6.0.4 and reproducible using mercurial. |
| Comment by Steve Luo [ 08/Oct/15 02:02 PM ] |
| The {{@}} symbol is already replaced with {{%40}}. I have tested with QuickBuild 6.0.4 and later versions and can't find the problem. |
| Comment by Steve Luo [ 08/Oct/15 02:05 PM ] |
|
You go to the configuration workspace directory and view below file to confirm the url is replaced or not:
.qbcache/qb-scm.xml |
| Comment by Tim Earle [ 19/Oct/15 02:08 PM ] |
| Please cancel the issue. It was a configuration issue on our end. Thanks! |