diff options
author | James Lopez <james@jameslopez.es> | 2018-12-05 16:31:43 +0300 |
---|---|---|
committer | Yorick Peterse <yorickpeterse@gmail.com> | 2019-01-31 18:51:16 +0300 |
commit | 57f082d969eae04112172495bb099e634069856c (patch) | |
tree | ef376ce36a8dc736ecd8082e2d1674880bed2fa7 /app/services/projects/import_error_filter.rb | |
parent | 8a948a20bcccefcb440b973d750b9df8648743e9 (diff) |
Fix path disclosure on Project Import
Diffstat (limited to 'app/services/projects/import_error_filter.rb')
-rw-r--r-- | app/services/projects/import_error_filter.rb | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/app/services/projects/import_error_filter.rb b/app/services/projects/import_error_filter.rb new file mode 100644 index 00000000000..a0fc5149bb4 --- /dev/null +++ b/app/services/projects/import_error_filter.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +module Projects + # Used by project imports, it removes any potential paths + # included in an error message that could be stored in the DB + class ImportErrorFilter + ERROR_MESSAGE_FILTER = /[^\s]*#{File::SEPARATOR}[^\s]*(?=(\s|\z))/ + FILTER_MESSAGE = '[FILTERED]' + + def self.filter_message(message) + message.gsub(ERROR_MESSAGE_FILTER, FILTER_MESSAGE) + end + end +end |