diff options
author | Harsh Shandilya <msfjarvis@gmail.com> | 2020-04-19 17:13:39 +0530 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-19 17:13:39 +0530 |
commit | 99aa0d9bb2b3af2e48fcea04bc5cee8b03a7b75a (patch) | |
tree | edd450167d41686401e0db009884c6d946d6e341 /app/src/main/java | |
parent | 7ce883140139cf9f293d690129601349d6d9a4d0 (diff) |
Validate hostname protocol before saving (#723)
* RFC: protocol validation
* Use java.net.URL for saner parsing
* Improve protocol correction; handle ssh://
Co-authored-by: Fabian Henneke <fabian@henneke.me>
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Diffstat (limited to 'app/src/main/java')
-rw-r--r-- | app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt b/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt index 36dd95c4..8ccdd0c8 100644 --- a/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt +++ b/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt @@ -20,6 +20,8 @@ import com.zeapo.pwdstore.git.config.SshApiSessionFactory import com.zeapo.pwdstore.utils.PasswordRepository import com.zeapo.pwdstore.utils.getEncryptedPrefs import java.io.File +import java.net.MalformedURLException +import java.net.URL import timber.log.Timber /** @@ -36,8 +38,8 @@ abstract class BaseGitActivity : AppCompatActivity() { lateinit var serverPath: String lateinit var username: String lateinit var email: String - var identityBuilder: SshApiSessionFactory.IdentityBuilder? = null - var identity: SshApiSessionFactory.ApiIdentity? = null + private var identityBuilder: SshApiSessionFactory.IdentityBuilder? = null + private var identity: SshApiSessionFactory.ApiIdentity? = null lateinit var settings: SharedPreferences private set private lateinit var encryptedSettings: SharedPreferences @@ -97,12 +99,31 @@ abstract class BaseGitActivity : AppCompatActivity() { val portPart = if (serverPort == "22" || serverPort.isEmpty()) "" else ":$serverPort" // We have to specify the ssh scheme as this is the only way to pass a custom port. - "ssh://$userPart$hostnamePart$portPart$pathPart" + val urlWithFreeEntryScheme = "$userPart$hostnamePart$portPart$pathPart" + val parsedUrl = try { + URL(urlWithFreeEntryScheme) + } catch (_: MalformedURLException) { + return false + } + if (parsedUrl.protocol == null) + "ssh://$urlWithFreeEntryScheme" + else + urlWithFreeEntryScheme } Protocol.Https -> { val portPart = if (serverPort == "443" || serverPort.isEmpty()) "" else ":$serverPort" - "https://$hostnamePart$portPart$pathPart" + val urlWithFreeEntryScheme = "$hostnamePart$portPart$pathPart" + val parsedUrl = try { + URL(urlWithFreeEntryScheme) + } catch (_: MalformedURLException) { + return false + } + when (parsedUrl.protocol) { + null -> "https://$urlWithFreeEntryScheme" + "http" -> urlWithFreeEntryScheme.replaceFirst("http:", "https:") + else -> urlWithFreeEntryScheme + } } } if (PasswordRepository.isInitialized) |