Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Escape folder names in JGitUtils to allow special characters. #999 #1194

Closed
wants to merge 3 commits into from
Closed

Escape folder names in JGitUtils to allow special characters. #999 #1194

wants to merge 3 commits into from

Conversation

martinspielmann
Copy link
Contributor

@martinspielmann martinspielmann commented Jan 28, 2017

String.replaceFirst(String regex, String replacement) works with regex.

If a folder name contains chars which are parsed by regex, the replaceFirst will not work as expected.
E.g: if there is a pathString with value "[foo]/bar" and a path having the value "[foo]", then the expected behavior is to result in a string with value "bar".
Fortunately the path can easily be escaped using Pattern.quote()

@martinspielmann martinspielmann changed the title Escape folder names in JGitUtils to allow special characters. Fixes #999 Escape folder names in JGitUtils to allow special characters. #999 #1135 Jan 28, 2017
@@ -106,8 +106,21 @@ protected void setupPage(final UserModel userModel) {
final List<RegistrantAccessPermission> permissions = app().repositories().getUserAccessPermissions(userModel);

final Palette<String> teams = new Palette<String>("teams", new ListModel<String>(
new ArrayList<String>(userTeams)), new CollectionModel<String>(app().users()
.getAllTeamNames()), new StringChoiceRenderer(), 10, false);
new ArrayList<String>(userTeams)), new CollectionModel<String>(app().users().getAllTeamNames()),
Copy link
Owner

@gitblit gitblit Feb 8, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assuming this change is necessary, I would expect we'd need it anywhere we use a palette for teams.

Copy link
Contributor Author

@martinspielmann martinspielmann Feb 8, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, you are perfectly right! Just tested and found the same behavior like described in #1135 also on the RepositoryEditPage.

Which alternatives would you prefer:

  • add proper escaping to all occurrences of teams within a form, so the submits work like expected
  • disallow special chars for team names

I will try to check this also against my local wicket-8 build. Maybe form content is escaped properly by default with a later wicket version..

EDIT: tested with wicket 8 and lot of special chars and it seems like they are causing errors on multiple pages. I would suggest to disallow special chars in team names by adding a validator.
Maybe [a-zA-Z0-9_-] ?

@martinspielmann martinspielmann changed the title Escape folder names in JGitUtils to allow special characters. #999 #1135 Escape folder names in JGitUtils to allow special characters. #999 Feb 24, 2017
@martinspielmann
Copy link
Contributor Author

@martinspielmann martinspielmann commented Feb 24, 2017

I reverted the code on UserEditPage for now, so the pull request only addresses #999
As the other issue might need further changes, it's better to handle it within a seperate PR

@flaix flaix added this to the 1.9.0 milestone Feb 27, 2017
@flaix
Copy link
Collaborator

@flaix flaix commented Jun 10, 2019

I cherry-picked the one commit that fixes #999. (3bff35c)
Closing this, considering it merged.

@flaix flaix closed this Jun 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants