* Rejects a host that is structurally unsafe to fetch with the caller's token. * * The host is later interpolated into `https:// /api/v4`, so anything that * could change the request's authority (userinfo `@`, an embedded path/query/ * fragment, whitespace, or control characters) must be re
(host: string, rawHost: string)
| 24 | * responsibility of the fetch layer. |
| 25 | */ |
| 26 | function assertSafeGitLabHostString(host: string, rawHost: string): void { |
| 27 | const hostnameWithoutPort = host.replace(/:\d+$/, '') |
| 28 | const allowedHostChars = /^[A-Za-z0-9.-]+$/ |
| 29 | if (!allowedHostChars.test(hostnameWithoutPort)) { |
| 30 | throw new UnsafeGitLabHostError(rawHost) |
| 31 | } |
| 32 | if (hostnameWithoutPort.startsWith('.') || hostnameWithoutPort.endsWith('.')) { |
| 33 | throw new UnsafeGitLabHostError(rawHost) |
| 34 | } |
| 35 | if (hostnameWithoutPort.split('.').some((label) => label.length === 0)) { |
| 36 | throw new UnsafeGitLabHostError(rawHost) |
| 37 | } |
| 38 | } |
| 39 | |
| 40 | /** |
| 41 | * Normalizes a GitLab host value: trims whitespace, strips any protocol prefix |
no test coverage detected