1
0
Fork 0
mirror of https://we.phorge.it/source/arcanist.git synced 2024-11-22 14:52:40 +01:00

Validate Arcanist install-certificate URIs more carefully

Summary: Fixes T11222. This was lazy-future-proofed for Conduit SSH support, but users are boundlessly creative. Check protocols explicitly.

Test Plan:
```
$ arc install-certificate a.b:1/
Usage Exception: Server URI "a.b:1/" must include the "http" or "https" protocol. It should be in the form "https://phabricator.example.com/".
```

  - Also went through a successful workflow with a URI in the form provided in the example.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11222

Differential Revision: https://secure.phabricator.com/D16188
This commit is contained in:
epriestley 2016-06-28 14:43:41 -07:00
parent 2374403e8f
commit 4d4d16f259

View file

@ -196,14 +196,31 @@ EOTEXT
$uri = $conduit_uri;
}
$example = 'https://phabricator.example.com/';
$uri_object = new PhutilURI($uri);
if (!$uri_object->getProtocol() || !$uri_object->getDomain()) {
$protocol = $uri_object->getProtocol();
if (!$protocol || !$uri_object->getDomain()) {
throw new ArcanistUsageException(
pht(
'Server URI "%s" must include a protocol and domain. It should be '.
'in the form "%s".',
$uri,
'https://phabricator.example.com/'));
$example));
}
$protocol = $uri_object->getProtocol();
switch ($protocol) {
case 'http':
case 'https':
break;
default:
throw new ArcanistUsageException(
pht(
'Server URI "%s" must include the "http" or "https" protocol. '.
'It should be in the form "%s".',
$uri,
$example));
}
$uri_object->setPath('/api/');