mirror of
https://github.com/yattee/yattee.git
synced 2024-12-22 13:33:42 +00:00
sanitise user and password in url
Signed-off-by: Toni Förster <toni.foerster@gmail.com>
This commit is contained in:
parent
772e5016c4
commit
cea2684a29
@ -10,11 +10,28 @@ struct AccountsBridge: Defaults.Bridge {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Parse the urlString to check for embedded username and password
|
||||||
|
var sanitizedUrlString = value.urlString
|
||||||
|
if var urlComponents = URLComponents(string: value.urlString) {
|
||||||
|
if let user = urlComponents.user, let password = urlComponents.password {
|
||||||
|
// Sanitize the embedded username and password
|
||||||
|
let sanitizedUser = user.addingPercentEncoding(withAllowedCharacters: .urlUserAllowed) ?? user
|
||||||
|
let sanitizedPassword = password.addingPercentEncoding(withAllowedCharacters: .urlPasswordAllowed) ?? password
|
||||||
|
|
||||||
|
// Update the URL components with sanitized credentials
|
||||||
|
urlComponents.user = sanitizedUser
|
||||||
|
urlComponents.password = sanitizedPassword
|
||||||
|
|
||||||
|
// Reconstruct the sanitized URL
|
||||||
|
sanitizedUrlString = urlComponents.string ?? value.urlString
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return [
|
return [
|
||||||
"id": value.id,
|
"id": value.id,
|
||||||
"instanceID": value.instanceID ?? "",
|
"instanceID": value.instanceID ?? "",
|
||||||
"name": value.name,
|
"name": value.name,
|
||||||
"apiURL": value.urlString,
|
"apiURL": sanitizedUrlString,
|
||||||
"username": value.username,
|
"username": value.username,
|
||||||
"password": value.password ?? ""
|
"password": value.password ?? ""
|
||||||
]
|
]
|
||||||
|
Loading…
Reference in New Issue
Block a user