Skip to content

Throw error on https:// and http:// prefix if present in allowed host value #461

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
baywet merged 3 commits into from
Jan 28, 2025
Merged

Throw error on https:// and http:// prefix if present in allowed host value #461

baywet merged 3 commits into from
Jan 28, 2025

Conversation

@svrooij
Copy link
Contributor

@svrooij svrooij commented Jan 26, 2025
edited
Loading

Fixes #201

Add error handling for 'https://' and 'http://' prefixes in allowed host values.

  • Modify AllowedHostsValidator class in packages/abstractions/kiota_abstractions/authentication/allowed_hosts_validator.py to throw a ValueError if any allowed host contains 'https://' or 'http://' prefix.
  • Add a check in the __init__ method and set_allowed_hosts method to throw a ValueError if any allowed host contains 'https://' or 'http://' prefix.
  • Add tests in packages/abstractions/tests/authentication/test_api_key_authentication_provider.py to verify that a ValueError is thrown when 'https://' or 'http://' prefix is present in allowed host value.

For more details, open the Copilot Workspace session.

@svrooij
Throw error on https:// and http:// prefix if present in allowed …
9a69be4 
…host value

Fixes microsoft#201

Add error handling for 'https://' and 'http://' prefixes in allowed host values.

* Modify `AllowedHostsValidator` class in `packages/abstractions/kiota_abstractions/authentication/allowed_hosts_validator.py` to throw a `ValueError` if any allowed host contains 'https://' or 'http://' prefix.
* Add a check in the `__init__` method and `set_allowed_hosts` method to throw a `ValueError` if any allowed host contains 'https://' or 'http://' prefix.
* Add tests in `packages/abstractions/tests/authentication/test_api_key_authentication_provider.py` to verify that a `ValueError` is thrown when 'https://' or 'http://' prefix is present in allowed host value.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/kiota-python/issues/201?shareId=XXXX-XXXX-XXXX-XXXX).
@svrooij svrooij requested a review from a team as a code owner January 26, 2025 13:53
baywet
baywet previously approved these changes Jan 26, 2025
View reviewed changes
Copy link
Member

@baywet baywet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution!

@baywet baywet enabled auto-merge (squash) January 28, 2025 14:14
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 28, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@baywet baywet merged commit d259efa into microsoft:main Jan 28, 2025
53 checks passed
@baywet baywet added the release-please:force-run used to force releases with RP label Jan 28, 2025
@release-please release-please bot removed the release-please:force-run used to force releases with RP label Jan 28, 2025
@baywet baywet mentioned this pull request Jan 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@baywet baywet baywet approved these changes

+1 more reviewer

@andrueastman andrueastman andrueastman left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

Kiota
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Throw error on https:// and http:// prefix if present in allowed host value

3 participants

@svrooij @andrueastman @baywet