diff options
| author | Harsh Shandilya <me@msfjarvis.dev> | 2021-04-04 01:21:34 +0530 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-03 19:51:34 +0000 |
| commit | cf5f0eae3a5dbaf36b17425e4c8d5d8dc43e6866 (patch) | |
| tree | e24a9740120142bb36a9b90eddf48caad1a2c7dd | |
| parent | c10703db49528c7a0b8831659b2698d3218ba9ee (diff) | |
Actively discourage use of git protocol (#1368)
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | app/src/main/java/dev/msfjarvis/aps/ui/git/config/GitServerConfigActivity.kt | 9 | ||||
| -rw-r--r-- | app/src/main/res/values/strings.xml | 2 |
3 files changed, 12 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 6c1ed385..245170e4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,7 @@ All notable changes to this project will be documented in this file. - Accessibility autofill has been removed completely due to being buggy, insecure and lacking in features. Upgrade to Android 8 or preferably later to gain access to our advanced Autofill implementation. - The settings UI has been completely re-done to dramatically improve discoverability and navigation for users +- Using the `git://` protocol in the server URL now presents an explicit discouragement rather than a generic error ## [1.13.4] - 2021-03-20 diff --git a/app/src/main/java/dev/msfjarvis/aps/ui/git/config/GitServerConfigActivity.kt b/app/src/main/java/dev/msfjarvis/aps/ui/git/config/GitServerConfigActivity.kt index 56d9c043..372d5863 100644 --- a/app/src/main/java/dev/msfjarvis/aps/ui/git/config/GitServerConfigActivity.kt +++ b/app/src/main/java/dev/msfjarvis/aps/ui/git/config/GitServerConfigActivity.kt @@ -116,6 +116,15 @@ class GitServerConfigActivity : BaseGitActivity() { return@setOnClickListener } } + if (newUrl.startsWith("git://")) { + BasicBottomSheet.Builder(this) + .setTitleRes(R.string.git_scheme_disallowed_title) + .setMessageRes(R.string.git_scheme_disallowed_message) + .setPositiveButtonClickListener {} + .build() + .show(supportFragmentManager, "SSH_SCHEME_WARNING") + return@setOnClickListener + } when (val updateResult = GitSettings.updateConnectionSettingsIfValid( newAuthMode = newAuthMode, diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index b9a371d8..e077bf11 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -389,6 +389,8 @@ <string name="ssh_scheme_needed_message">It appears that your URL contains a custom port, but does not specify the ssh:// scheme.\nThis can cause the port to be considered a part of your path. Press OK here to fix the URL.</string> <string name="https_scheme_with_port_title">HTTPS URL with custom port</string> <string name="https_scheme_with_port_message">It looks like you are using a HTTPS URL with a custom port. This is not supported, and will cause problems down the line. Press OK to remove the port from your URL.</string> + <string name="git_scheme_disallowed_title">Using the git:// protocol is discouraged</string> + <string name="git_scheme_disallowed_message">The git protocol provided by git-daemon performs no transport encryption and is unsuitable for secure operations.</string> <!-- Proxy configuration activity --> <string name="proxy_hostname">Proxy hostname</string> |