Escapes for various elements (urls, json, slack payload, directories, commit log contents) #39
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…eader.
- if the replacement contains a '&' sed behaves differently. this fix avoids
feeding URLs on the replacement side of sed commands. query strings may
choke on it.
ex. echo "123" | sed -e 's/2/T&O/g'
# prints '1T2O3'
- sed doesn't support non-greedy .* tokenization of git-log was broken.
the command pipeline is replaced with tokenization using bash suffix
match. easy to follow, fast, and straightforward to maintain.
- the @,,,,@ and ;,,,,; separators have been replaced with pseudorandom
boundary strings. safer. 7*15bits of entropy (poorman's uuid).
- json escapes for just \n \" and \\ was insufficient. using python
oneliner to escape unicode.
… now. URLs containing '&' would trigger 400 invalid_payload slack errors. POST body needs to be urlencoded.
|
Any chance this could be merged? I came across the '&' in changeset URL issue which I fixed very crudely (by escaping it in the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request is concerned with escaping and encoding fixes. I've uncovered several problems, trying to set hooks for a cGit web viewer on a gitolite repository system.
's/foo\(.*\)bar/\1/g'. any "bar" substring would get gobbed up in the group. Alternatives to make the grouping non-greedy, such as [^x]*, introduce ambiguities and negative lookaheads are difficult to maintain. This is an improved version of pull request Fix malformed payload when bundeling multiple commits #36 , Fix broken multiline commit messages and multiple commits #27 (which didn't fix the issue completely).titleandvalueare first extracted, and then inserted into a json string. The previous shell pipeline conflated the two tasks. The resulting code is much easier to extend.sed "s/%hash%/$url/g"produces unexpected results without escaping$urlfor special sed-interpreted character commands (like '&'). For these forms, the patch provides workarounds that avoid the need to escape URLs -- but produce the same output.?id=abcabc&id2=defdef). These query strings wreak havoc on the sed substitutions. Users shouldn't have to escape URLs in their config. Fixes issue message garbled with multiple commits in push #24.$(basename $foo)are changed to$(basename "$foo").\ufffd.curl -dis assumed to be already encoded. the patch uses--data-urlencodeinstead to ask curl to perform url encoding. This bit of the patch resolves issue Specify in documentation that Nice Names must be URL-encoded #38 and Post failed when '&' include #28.