summaryrefslogtreecommitdiff
path: root/app/src/main
diff options
context:
space:
mode:
authorHarsh Shandilya <msfjarvis@gmail.com>2020-04-19 17:13:39 +0530
committerGitHub <noreply@github.com>2020-04-19 17:13:39 +0530
commit99aa0d9bb2b3af2e48fcea04bc5cee8b03a7b75a (patch)
treeedd450167d41686401e0db009884c6d946d6e341 /app/src/main
parent7ce883140139cf9f293d690129601349d6d9a4d0 (diff)
Validate hostname protocol before saving (#723)
* RFC: protocol validation * Use java.net.URL for saner parsing * Improve protocol correction; handle ssh:// Co-authored-by: Fabian Henneke <fabian@henneke.me> Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Diffstat (limited to 'app/src/main')
-rw-r--r--app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt29
1 files changed, 25 insertions, 4 deletions
diff --git a/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt b/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt
index 36dd95c4..8ccdd0c8 100644
--- a/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt
+++ b/app/src/main/java/com/zeapo/pwdstore/git/BaseGitActivity.kt
@@ -20,6 +20,8 @@ import com.zeapo.pwdstore.git.config.SshApiSessionFactory
import com.zeapo.pwdstore.utils.PasswordRepository
import com.zeapo.pwdstore.utils.getEncryptedPrefs
import java.io.File
+import java.net.MalformedURLException
+import java.net.URL
import timber.log.Timber
/**
@@ -36,8 +38,8 @@ abstract class BaseGitActivity : AppCompatActivity() {
lateinit var serverPath: String
lateinit var username: String
lateinit var email: String
- var identityBuilder: SshApiSessionFactory.IdentityBuilder? = null
- var identity: SshApiSessionFactory.ApiIdentity? = null
+ private var identityBuilder: SshApiSessionFactory.IdentityBuilder? = null
+ private var identity: SshApiSessionFactory.ApiIdentity? = null
lateinit var settings: SharedPreferences
private set
private lateinit var encryptedSettings: SharedPreferences
@@ -97,12 +99,31 @@ abstract class BaseGitActivity : AppCompatActivity() {
val portPart =
if (serverPort == "22" || serverPort.isEmpty()) "" else ":$serverPort"
// We have to specify the ssh scheme as this is the only way to pass a custom port.
- "ssh://$userPart$hostnamePart$portPart$pathPart"
+ val urlWithFreeEntryScheme = "$userPart$hostnamePart$portPart$pathPart"
+ val parsedUrl = try {
+ URL(urlWithFreeEntryScheme)
+ } catch (_: MalformedURLException) {
+ return false
+ }
+ if (parsedUrl.protocol == null)
+ "ssh://$urlWithFreeEntryScheme"
+ else
+ urlWithFreeEntryScheme
}
Protocol.Https -> {
val portPart =
if (serverPort == "443" || serverPort.isEmpty()) "" else ":$serverPort"
- "https://$hostnamePart$portPart$pathPart"
+ val urlWithFreeEntryScheme = "$hostnamePart$portPart$pathPart"
+ val parsedUrl = try {
+ URL(urlWithFreeEntryScheme)
+ } catch (_: MalformedURLException) {
+ return false
+ }
+ when (parsedUrl.protocol) {
+ null -> "https://$urlWithFreeEntryScheme"
+ "http" -> urlWithFreeEntryScheme.replaceFirst("http:", "https:")
+ else -> urlWithFreeEntryScheme
+ }
}
}
if (PasswordRepository.isInitialized)