Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sanitize / as separator between project and package on osc command line #395

Open
e4t opened this issue Mar 14, 2018 · 0 comments
Open

sanitize / as separator between project and package on osc command line #395

e4t opened this issue Mar 14, 2018 · 0 comments
Assignees
@dmach

Comments

@e4t
Copy link
Contributor

e4t commented Mar 14, 2018

Project and package may be separated by a space or slash '/' on the command line of the obs CLI. When parsing the command line what happens is that the parser interprets project/package as one argument (as the project) and passes this to a URL builder. In the URI project and package are separated by a single '/', thus a 'foo/bar' will be interpreted as a project 'foo' with package 'bar'. However, specifying multiple consecutive '/' may lead to unintended results: the form 'foo//bar' is passed up to the backend which isn't able to handle the '//' gracefully:
osc copypac -e -K openSUSE:Factory coreutils home://coreutls.Factory
may lead to all of Factory being copied over to ones home.
Since the slash is used as a directory separator in paths where multiple slashes are collapsed to one, it is not ruled out that this mistake happens.
Thus a sanitation of '/' characters should occur before they are placed into an URL.
@lethliel lethliel self-assigned this May 3, 2018
@dmach dmach assigned dmach and unassigned lethliel May 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dmach dmach

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dmach @e4t @lethliel