mirror of
https://github.com/go-gitea/gitea
synced 2024-11-16 07:04:25 +00:00
6e7d28cf3a
There was an unfortunate regression in #14293 which has led to the double decoding of url parameter elements if they contain a '%'. This is due to an issue with the way chi decodes its RoutePath. In detail the problem lies in mux.go where the routeHTTP path uses the URL.RawPath or even the URL.Path instead of the escaped path to do routing. This PR simply forcibly sets the routePath to that of the EscapedPath. Fix #17938 Signed-off-by: Andrew Thornton <art27@cantab.net>
215 lines
5.5 KiB
Go
215 lines
5.5 KiB
Go
// Copyright 2018 The Gitea Authors. All rights reserved.
|
||
// Use of this source code is governed by a MIT-style
|
||
// license that can be found in the LICENSE file.
|
||
|
||
package integrations
|
||
|
||
import (
|
||
"net/http"
|
||
"net/url"
|
||
"path"
|
||
"testing"
|
||
|
||
"github.com/stretchr/testify/assert"
|
||
)
|
||
|
||
func testSrcRouteRedirect(t *testing.T, session *TestSession, user, repo, route, expectedLocation string, expectedStatus int) {
|
||
prefix := path.Join("/", user, repo, "src")
|
||
|
||
// Make request
|
||
req := NewRequest(t, "GET", path.Join(prefix, route))
|
||
resp := session.MakeRequest(t, req, http.StatusFound)
|
||
|
||
// Check Location header
|
||
location := resp.HeaderMap.Get("Location")
|
||
assert.Equal(t, path.Join(prefix, expectedLocation), location)
|
||
|
||
// Perform redirect
|
||
req = NewRequest(t, "GET", location)
|
||
resp = session.MakeRequest(t, req, expectedStatus)
|
||
}
|
||
|
||
func setDefaultBranch(t *testing.T, session *TestSession, user, repo, branch string) {
|
||
location := path.Join("/", user, repo, "settings/branches")
|
||
csrf := GetCSRF(t, session, location)
|
||
req := NewRequestWithValues(t, "POST", location, map[string]string{
|
||
"_csrf": csrf,
|
||
"action": "default_branch",
|
||
"branch": branch,
|
||
})
|
||
session.MakeRequest(t, req, http.StatusFound)
|
||
}
|
||
|
||
func TestNonasciiBranches(t *testing.T) {
|
||
testRedirects := []struct {
|
||
from string
|
||
to string
|
||
status int
|
||
}{
|
||
// Branches
|
||
{
|
||
from: "master",
|
||
to: "branch/master",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "master/README.md",
|
||
to: "branch/master/README.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "master/badfile",
|
||
to: "branch/master/badfile",
|
||
status: http.StatusNotFound, // it does not exists
|
||
},
|
||
{
|
||
from: "ГлавнаяВетка",
|
||
to: "branch/%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%D0%92%D0%B5%D1%82%D0%BA%D0%B0",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "а/б/в",
|
||
to: "branch/%D0%B0/%D0%B1/%D0%B2",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Grüßen/README.md",
|
||
to: "branch/Gr%C3%BC%C3%9Fen/README.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space",
|
||
to: "branch/Plus+Is+Not+Space",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/Файл.md",
|
||
to: "branch/Plus+Is+Not+Space/%D0%A4%D0%B0%D0%B9%D0%BB.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/and+it+is+valid.md",
|
||
to: "branch/Plus+Is+Not+Space/and+it+is+valid.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "ブランチ",
|
||
to: "branch/%E3%83%96%E3%83%A9%E3%83%B3%E3%83%81",
|
||
status: http.StatusOK,
|
||
},
|
||
// Tags
|
||
{
|
||
from: "Тэг",
|
||
to: "tag/%D0%A2%D1%8D%D0%B3",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Ё/人",
|
||
to: "tag/%D0%81/%E4%BA%BA",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "タグ",
|
||
to: "tag/%E3%82%BF%E3%82%B0",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "タグ/ファイル.md",
|
||
to: "tag/%E3%82%BF%E3%82%B0/%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.md",
|
||
status: http.StatusOK,
|
||
},
|
||
// Files
|
||
{
|
||
from: "README.md",
|
||
to: "branch/Plus+Is+Not+Space/README.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Файл.md",
|
||
to: "branch/Plus+Is+Not+Space/%D0%A4%D0%B0%D0%B9%D0%BB.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "ファイル.md",
|
||
to: "branch/Plus+Is+Not+Space/%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.md",
|
||
status: http.StatusNotFound, // it's not on default branch
|
||
},
|
||
// Same but url-encoded (few tests)
|
||
{
|
||
from: "%E3%83%96%E3%83%A9%E3%83%B3%E3%83%81",
|
||
to: "branch/%E3%83%96%E3%83%A9%E3%83%B3%E3%83%81",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "%E3%82%BF%E3%82%b0",
|
||
to: "tag/%E3%82%BF%E3%82%B0",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "%D0%A4%D0%B0%D0%B9%D0%BB.md",
|
||
to: "branch/Plus+Is+Not+Space/%D0%A4%D0%B0%D0%B9%D0%BB.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "%D0%81%2F%E4%BA%BA",
|
||
to: "tag/%D0%81/%E4%BA%BA",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Ё%2F%E4%BA%BA",
|
||
to: "tag/%D0%81/%E4%BA%BA",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/%25%252525mightnotplaywell",
|
||
to: "branch/Plus+Is+Not+Space/%25%252525mightnotplaywell",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/%25253Fisnotaquestion%25253F",
|
||
to: "branch/Plus+Is+Not+Space/%25253Fisnotaquestion%25253F",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/" + url.PathEscape("%3Fis?and#afile"),
|
||
to: "branch/Plus+Is+Not+Space/" + url.PathEscape("%3Fis?and#afile"),
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/10%25.md",
|
||
to: "branch/Plus+Is+Not+Space/10%25.md",
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/" + url.PathEscape("This+file%20has 1space"),
|
||
to: "branch/Plus+Is+Not+Space/" + url.PathEscape("This+file%20has 1space"),
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/" + url.PathEscape("This+file%2520has 2 spaces"),
|
||
to: "branch/Plus+Is+Not+Space/" + url.PathEscape("This+file%2520has 2 spaces"),
|
||
status: http.StatusOK,
|
||
},
|
||
{
|
||
from: "Plus+Is+Not+Space/" + url.PathEscape("£15&$6.txt"),
|
||
to: "branch/Plus+Is+Not+Space/" + url.PathEscape("£15&$6.txt"),
|
||
status: http.StatusOK,
|
||
},
|
||
}
|
||
|
||
defer prepareTestEnv(t)()
|
||
|
||
user := "user2"
|
||
repo := "utf8"
|
||
session := loginUser(t, user)
|
||
|
||
setDefaultBranch(t, session, user, repo, "Plus+Is+Not+Space")
|
||
|
||
for _, test := range testRedirects {
|
||
testSrcRouteRedirect(t, session, user, repo, test.from, test.to, test.status)
|
||
}
|
||
|
||
setDefaultBranch(t, session, user, repo, "master")
|
||
|
||
}
|