Commit dbd9d8d4 authored by Dmitry Medvinsky's avatar Dmitry Medvinsky

Fix WebHook and special symbols in credentials

When using web hook with credentials secured web resource, one needs to
put the credentials in the hook URL.

If the credentials contain special symbols (e.g. @ or #), it should be
URL-quoted (e.g. %40 instead of @).

But when Gitlab is making a request, it should unquote the symbols
before base64-encoding them.
parent 292dffc2
...@@ -28,10 +28,14 @@ class WebHook < ActiveRecord::Base ...@@ -28,10 +28,14 @@ class WebHook < ActiveRecord::Base
WebHook.post(url, body: data.to_json, headers: { "Content-Type" => "application/json" }) WebHook.post(url, body: data.to_json, headers: { "Content-Type" => "application/json" })
else else
post_url = url.gsub("#{parsed_url.userinfo}@", "") post_url = url.gsub("#{parsed_url.userinfo}@", "")
auth = {
username: URI.decode(parsed_url.user),
password: URI.decode(parsed_url.password),
}
WebHook.post(post_url, WebHook.post(post_url,
body: data.to_json, body: data.to_json,
headers: {"Content-Type" => "application/json"}, headers: {"Content-Type" => "application/json"},
basic_auth: {username: parsed_url.user, password: parsed_url.password}) basic_auth: auth)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment