Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve hostname validation #4118

Merged
merged 1 commit into from
Apr 30, 2021
Merged

Improve hostname validation #4118

merged 1 commit into from
Apr 30, 2021

Conversation

AlexTugarev
Copy link
Member

No description provided.

@AlexTugarev AlexTugarev requested a review from geropl April 30, 2021 10:19
geropl
geropl reviewed Apr 30, 2021
View reviewed changes
components/server/src/bitbucket/bitbucket-context-parser.spec.ts
@@ -18,7 +18,7 @@ import { BitbucketTokenHelper } from "./bitbucket-token-handler";
const expect = chai.expect;
import { skipIfEnvVarNotSet } from "@gitpod/gitpod-protocol/lib/util/skip-if";

@suite.only(timeout(10000), skipIfEnvVarNotSet("GITPOD_TEST_TOKEN_BITBUCKET"))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯

geropl
geropl reviewed Apr 30, 2021
View reviewed changes
components/server/src/express-util.ts
const workspaceId = url.workspaceId;
if (workspaceId) {
const hostname = url.url.hostname as string;
if (hostname.startsWith(workspaceId)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be nice if we had one place for the workspace URL parsing. But might be out of scope for this PR, as it was here before, too.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GitpodHostUrl does the URL parsing. Here we explicitly check, that the workspace-like hostname is not prefixed.
Ah, perhaps you mean to extract the computation of the prefix and move it to GitpodHostUrl? 🤷🏻‍♂️

geropl
geropl approved these changes Apr 30, 2021
View reviewed changes
Copy link
Member

@geropl geropl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested, works fine. Also, re-enables the test that failed because of this! ❤️

@AlexTugarev AlexTugarev merged commit b1c53ea into main Apr 30, 2021
@AlexTugarev AlexTugarev deleted the at/test branch April 30, 2021 10:25
@jankeromnes jankeromnes mentioned this pull request May 10, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geropl geropl geropl approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AlexTugarev @geropl