Merge pull request #4324 from oliverguenther/fix/double-escaping

Fix double escaping of repository path params
pull/4327/head
Markus Kahl 9 years ago
commit 9cb65eb00a
  1. 2
      app/controllers/repositories_controller.rb
  2. 2
      app/helpers/application_helper.rb
  3. 21
      spec/controllers/repositories_controller_spec.rb
  4. 8
      spec/routing/repositories_routing_spec.rb

@ -310,7 +310,7 @@ class RepositoriesController < ApplicationController
# Prepare checkout instructions
# available on all pages (even empty!)
@path = CGI.unescape(params[:path] || '')
@path = params[:path] || ''
@instructions = ::Scm::CheckoutInstructionsService.new(@repository, path: @path)
# Asserts repository availability, or renders an appropriate error

@ -346,7 +346,7 @@ module ApplicationHelper
end
def to_path_param(path)
CGI.escape(path.to_s)
path.to_s
end
def reorder_links(name, url, options = {})

@ -252,6 +252,27 @@ describe RepositoriesController, type: :controller do
end
end
describe 'show' do
render_views
let(:role) { FactoryGirl.create(:role, permissions: [:browse_repository]) }
before do
get :show, project_id: project.identifier, path: path
end
shared_examples 'renders the repository' do |active_breadcrumb|
it do
expect(response).to be_success
expect(response.body).to have_selector('.repository-breadcrumbs', text: active_breadcrumb)
end
end
context 'with special characters' do
let(:path) { 'subversion_test/[folder_with_brackets]' }
it_behaves_like 'renders the repository', '[folder_with_brackets]'
end
end
describe 'checkout path' do
render_views

@ -45,6 +45,14 @@ describe RepositoriesController, type: :routing do
path: 'path/to/file.c')
}
it {
expect(get('/projects/testproject/repository/folder%20with%20spaces'))
.to route_to(controller: 'repositories',
action: 'show',
project_id: 'testproject',
path: 'folder with spaces')
}
it {
expect(get('/projects/testproject/repository/revisions/5'))
.to route_to(controller: 'repositories',

Loading…
Cancel
Save