TAR and ZIP files must be able to use data reference names without special treatment #1314
Comments
de-jcup
added a commit
that referenced
this issue
May 6, 2022
- changed model validation, inspect now for illegal characters accepted only now: `a-z`,`0-9`,`-` or `_` - refactored existing parts from model validation: moved parts from abstract simple string validation into simple string utils and reused implementation - added some missing SPDX headers to sources - added test scases
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Situation
With #1098 we introduced the
dataconfiguration element which source an binary configuration elements have unique names which can be referenced.Currently following is validated:
But the names can be everything.
While writing documentation about
dataindata-section parts inside documentation #1218it became clear that when the names are used for tar and zip structures they
must be valid file pathes as well.
But currently they aren't! If we would use "~/" or "../.../" this would be very problematic...
Wanted
TAR and ZIP files must be able to use always the unique data reference names
without any encoding or escaping mechanism.
Solution
We simply add another validation to the sechub configuration model:
We only accept reference names which do contain
a-z,0-9,-or_The text was updated successfully, but these errors were encountered: