-
Notifications
You must be signed in to change notification settings - Fork 223
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
S2068: Support colon in uri password #6199
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. There is a typo and the additionalCharacters
parameter should be made optional.
var loginGroup = CreateUserInfoGroup("Login", null); | ||
var passwordGroup = CreateUserInfoGroup("Password", ":"); // Additional ":" to capture passwords containing it | ||
uriUserInfoPattern = new Regex(@$"\w+:\/\/{loginGroup}:{passwordGroup}@", RegexOptions.Compiled); | ||
this.configuration = configuration; | ||
rule = Language.CreateDescriptor(DiagnosticId, MessageFormat); | ||
CredentialWords = DefaultCredentialWords; // Property will initialize multiple state variables | ||
|
||
static string CreateUserInfoGroup(string name, string additionalCharacterss) => | ||
$@"(?<{name}>[\w\d{Regex.Escape(UriPasswordSpecialCharacters)}{additionalCharacterss}]+)"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Typo and small improvement
var loginGroup = CreateUserInfoGroup("Login", null); | |
var passwordGroup = CreateUserInfoGroup("Password", ":"); // Additional ":" to capture passwords containing it | |
uriUserInfoPattern = new Regex(@$"\w+:\/\/{loginGroup}:{passwordGroup}@", RegexOptions.Compiled); | |
this.configuration = configuration; | |
rule = Language.CreateDescriptor(DiagnosticId, MessageFormat); | |
CredentialWords = DefaultCredentialWords; // Property will initialize multiple state variables | |
static string CreateUserInfoGroup(string name, string additionalCharacterss) => | |
$@"(?<{name}>[\w\d{Regex.Escape(UriPasswordSpecialCharacters)}{additionalCharacterss}]+)"; | |
var loginGroup = CreateUserInfoGroup("Login"); | |
var passwordGroup = CreateUserInfoGroup("Password", ":"); // Additional ":" to capture passwords containing it | |
uriUserInfoPattern = new Regex(@$"\w+:\/\/{loginGroup}:{passwordGroup}@", RegexOptions.Compiled); | |
this.configuration = configuration; | |
rule = Language.CreateDescriptor(DiagnosticId, MessageFormat); | |
CredentialWords = DefaultCredentialWords; // Property will initialize multiple state variables | |
static string CreateUserInfoGroup(string name, string additionalCharacters = null) => | |
$@"(?<{name}>[\w\d{Regex.Escape(UriPasswordSpecialCharacters)}{additionalCharacters}]+)"; |
Kudos, SonarCloud Quality Gate passed! |
Kudos, SonarCloud Quality Gate passed! |
https://www.rfc-editor.org/rfc/rfc3986#section-3.2.1 defines userInfo as
therefore
:
is valid part of the password