diff options
author | Joyce Er <joyce.er@microsoft.com> | 2022-05-10 21:32:02 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-10 21:32:02 +0300 |
commit | c5da5332d54f610b1b3e6dd9ea9b699971b57407 (patch) | |
tree | a8ac8c46794970396c6d77befc9fe8acdb660adb | |
parent | 8965a0211494f0ec658c628bab407c1c8555e028 (diff) |
git: validate URI for clone command (#149180)
Co-authored-by: Ladislau Szomoru <3372902+lszomoru@users.noreply.github.com>
-rw-r--r-- | extensions/git/src/protocolHandler.ts | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/extensions/git/src/protocolHandler.ts b/extensions/git/src/protocolHandler.ts index 2b1a204c603..c0c3f2a6527 100644 --- a/extensions/git/src/protocolHandler.ts +++ b/extensions/git/src/protocolHandler.ts @@ -7,6 +7,8 @@ import { UriHandler, Uri, window, Disposable, commands } from 'vscode'; import { dispose } from './util'; import * as querystring from 'querystring'; +const schemes = new Set(['file', 'git', 'http', 'https', 'ssh']); + export class GitProtocolHandler implements UriHandler { private disposables: Disposable[] = []; @@ -26,9 +28,27 @@ export class GitProtocolHandler implements UriHandler { if (!data.url) { console.warn('Failed to open URI:', uri); + return; + } + + if (Array.isArray(data.url) && data.url.length === 0) { + console.warn('Failed to open URI:', uri); + return; + } + + let cloneUri: Uri; + try { + cloneUri = Uri.parse(Array.isArray(data.url) ? data.url[0] : data.url, true); + if (!schemes.has(cloneUri.scheme.toLowerCase())) { + throw new Error('Unsupported scheme.'); + } + } + catch (ex) { + console.warn('Invalid URI:', uri); + return; } - commands.executeCommand('git.clone', data.url); + commands.executeCommand('git.clone', cloneUri.toString(true)); } dispose(): void { |