Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

download_strategy: fix bad unescaping in basename parsing #15258

Merged
merged 1 commit into from Apr 18, 2023
Merged

download_strategy: fix bad unescaping in basename parsing #15258

merged 1 commit into from Apr 18, 2023

Conversation

Bo98
Copy link
Member

@Bo98 Bo98 commented Apr 18, 2023
edited

Fixes the core issue causing #15235.

  • Don't erroneously run URI.decode_www_form_component over the whole URL - only run that on query string parts and run other URI unescape methods on the path part
  • Don't rely on error-prone regexes or Pathname ascending when we can split it properly into an array from the URI parser

@Bo98 Bo98 mentioned this pull request Apr 18, 2023
Closed
7 tasks
apainintheneck
apainintheneck approved these changes Apr 18, 2023
View reviewed changes
Copy link
Contributor

@apainintheneck apainintheneck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be a good improvement. Make sure that all the uses of AbstractFileDownloadStrategy#parse_basename will work with the new method though.

I wrote a small script to compare the old and new #parse_basename results and they're pretty similar. All of the differences seem to make sense too. It seems like it fixes the following problem too.

Before After
file=lft-3.91.tar.gz lft-3.91.tar.gz
file=libnatpmp-20150609.tar.gz libnatpmp-20150609.tar.gz

I wonder if it makes sense to add some tests for this method as well.

MikeMcQuaid
MikeMcQuaid approved these changes Apr 18, 2023
View reviewed changes
Copy link
Member

@MikeMcQuaid MikeMcQuaid left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work so far, thanks @Bo98!

Library/Homebrew/download_strategy.rb Show resolved Hide resolved
Library/Homebrew/download_strategy.rb Outdated Show resolved Hide resolved
Library/Homebrew/download_strategy.rb Outdated Show resolved Hide resolved
Library/Homebrew/download_strategy.rb Outdated Show resolved Hide resolved
@Bo98
Copy link
Member Author

Bo98 commented Apr 18, 2023

I wrote a small script to compare the old and new #parse_basename results and they're pretty similar. All of the differences seem to make sense too. It seems like it fixes the following problem too.

Thanks!

Looks like no regressions here which is good to hear.

@Bo98 Bo98 force-pushed the download_strategy-escape-fix branch from 062057c to 6cf18e3 Compare April 18, 2023 12:43
@MikeMcQuaid MikeMcQuaid merged commit 22fb173 into Homebrew:master Apr 18, 2023
24 checks passed
@MikeMcQuaid
Copy link
Member

Thanks again @Bo98!

@Bo98 Bo98 deleted the download_strategy-escape-fix branch April 18, 2023 14:08
@github-actions github-actions bot added the outdated PR was locked due to age label May 19, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 19, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@reitermarkus reitermarkus reitermarkus left review comments

@MikeMcQuaid MikeMcQuaid MikeMcQuaid approved these changes

@apainintheneck apainintheneck apainintheneck approved these changes

Assignees
No one assigned
Labels
outdated PR was locked due to age
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Bo98 @MikeMcQuaid @reitermarkus @apainintheneck