[前][次][番号順一覧][スレッド一覧]

ruby-changes:44094

From: tenderlove <ko1@a...>
Date: Fri, 16 Sep 2016 06:45:42 +0900 (JST)
Subject: [ruby-changes:44094] tenderlove:r56166 (trunk): Don't include bad password in URI exception output

tenderlove	2016-09-16 06:44:56 +0900 (Fri, 16 Sep 2016)

  New Revision: 56166

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=56166

  Log:
    Don't include bad password in URI exception output
    
    We shouldn't include the bad password in the URI exception output
    message.  Just knowing that there is a bad password is enough
    information.

  Modified files:
    trunk/ChangeLog
    trunk/lib/uri/generic.rb
    trunk/test/uri/test_generic.rb
Index: test/uri/test_generic.rb
===================================================================
--- test/uri/test_generic.rb	(revision 56165)
+++ test/uri/test_generic.rb	(revision 56166)
@@ -749,6 +749,15 @@ class URI::TestGeneric < Test::Unit::Tes https://github.com/ruby/ruby/blob/trunk/test/uri/test_generic.rb#L749
     assert_equal('foo:xyzzy', uri.to_s)
   end
 
+  def test_bad_password_component
+    uri = URI.parse('http://foo:bar@baz')
+    password = 'foo@bar'
+    e = assert_raise(URI::InvalidComponentError) do
+      uri.password = password
+    end
+    refute_match password, e.message
+  end
+
   def test_set_scheme
     uri = URI.parse 'HTTP://example'
 
Index: lib/uri/generic.rb
===================================================================
--- lib/uri/generic.rb	(revision 56165)
+++ lib/uri/generic.rb	(revision 56166)
@@ -428,7 +428,7 @@ module URI https://github.com/ruby/ruby/blob/trunk/lib/uri/generic.rb#L428
 
       if parser.regexp[:USERINFO] !~ v
         raise InvalidComponentError,
-          "bad component(expected user component): #{v}"
+          "bad password component"
       end
 
       return true
Index: ChangeLog
===================================================================
--- ChangeLog	(revision 56165)
+++ ChangeLog	(revision 56166)
@@ -1,3 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1
+Fri Sep 16 06:43:25 2016  Aaron Patterson <tenderlove@r...>
+
+	* lib/uri/generic.rb (def check_password): don't include bad password
+	  in URI exception output
+
+	* test/uri/test_generic.rb (def test_set_component): test for behavior
+
 Thu Sep 15 21:40:03 2016  Kazuhiro NISHIYAMA  <zn@m...>
 
 	* doc/extension.ja.rdoc: Fix file name.

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]