summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorLunny Xiao <xiaolunwen@gmail.com>2022-03-27 13:54:09 +0200
committerGitHub <noreply@github.com>2022-03-27 13:54:09 +0200
commitc29fbc6d2316b8b42b37c3b379eb2297f7a93aeb (patch)
tree4583000b6e93fd6481bd013011cd58e3272aefad /modules
parentDo not include global arguments in process manager (#19226) (diff)
downloadforgejo-c29fbc6d2316b8b42b37c3b379eb2297f7a93aeb.tar.xz
forgejo-c29fbc6d2316b8b42b37c3b379eb2297f7a93aeb.zip
Hide sensitive content on admin panel progress monitor (#19218)
Sanitize urls within git process descriptions. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'modules')
-rw-r--r--modules/git/command.go17
-rw-r--r--modules/git/repo.go12
2 files changed, 28 insertions, 1 deletions
diff --git a/modules/git/command.go b/modules/git/command.go
index ac26ef8689..8199498a2b 100644
--- a/modules/git/command.go
+++ b/modules/git/command.go
@@ -17,6 +17,7 @@ import (
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/process"
+ "code.gitea.io/gitea/modules/util"
)
var (
@@ -142,7 +143,21 @@ func (c *Command) RunWithContext(rc *RunContext) error {
desc := c.desc
if desc == "" {
- desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(c.args[c.globalArgsLength:], " "), rc.Dir)
+ args := c.args[c.globalArgsLength:]
+ var argSensitiveURLIndexes []int
+ for i, arg := range c.args {
+ if strings.Contains(arg, "://") && strings.Contains(arg, "@") {
+ argSensitiveURLIndexes = append(argSensitiveURLIndexes, i)
+ }
+ }
+ if len(argSensitiveURLIndexes) > 0 {
+ args = make([]string, len(c.args))
+ copy(args, c.args)
+ for _, urlArgIndex := range argSensitiveURLIndexes {
+ args[urlArgIndex] = util.NewStringURLSanitizer(args[urlArgIndex], true).Replace(args[urlArgIndex])
+ }
+ }
+ desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(args, " "), rc.Dir)
}
ctx, cancel, finished := process.GetManager().AddContextTimeout(c.parentContext, rc.Timeout, desc)
diff --git a/modules/git/repo.go b/modules/git/repo.go
index 5ba39ac7e3..b886d5ed45 100644
--- a/modules/git/repo.go
+++ b/modules/git/repo.go
@@ -19,6 +19,7 @@ import (
"time"
"code.gitea.io/gitea/modules/proxy"
+ "code.gitea.io/gitea/modules/util"
)
// GPGSettings represents the default GPG settings for this repository
@@ -154,6 +155,12 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo
}
cmd.AddArguments("--", from, to)
+ if strings.Contains(from, "://") && strings.Contains(from, "@") {
+ cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, util.NewStringURLSanitizer(from, true).Replace(from), to, opts.Shared, opts.Mirror, opts.Depth))
+ } else {
+ cmd.SetDescription(fmt.Sprintf("clone branch %s from %s to %s (shared: %t, mirror: %t, depth: %d)", opts.Branch, from, to, opts.Shared, opts.Mirror, opts.Depth))
+ }
+
if opts.Timeout <= 0 {
opts.Timeout = -1
}
@@ -201,6 +208,11 @@ func Push(ctx context.Context, repoPath string, opts PushOptions) error {
if len(opts.Branch) > 0 {
cmd.AddArguments(opts.Branch)
}
+ if strings.Contains(opts.Remote, "://") && strings.Contains(opts.Remote, "@") {
+ cmd.SetDescription(fmt.Sprintf("push branch %s to %s (force: %t, mirror: %t)", opts.Branch, util.NewStringURLSanitizer(opts.Remote, true).Replace(opts.Remote), opts.Force, opts.Mirror))
+ } else {
+ cmd.SetDescription(fmt.Sprintf("push branch %s to %s (force: %t, mirror: %t)", opts.Branch, opts.Remote, opts.Force, opts.Mirror))
+ }
var outbuf, errbuf strings.Builder
if opts.Timeout == 0 {