YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Handle permission regexes that may start with ^ or \

Browse source
This commit is contained in:
Alexandre Aubin 2020-12-28 16:58:50 +01:00 committed by GitHub
parent 0c977d8c70
commit bdff5937f0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/yunohost/permission.py
View file

@ -668,6 +668,9 @@ def _validate_and_sanitize_permission_url(url, app_base_path, app):
For example:
re:/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$
re:domain.tld/app/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$
We can also have less-trivial regexes like:
re:^\/api\/.*|\/scripts\/api.js$
"""
from yunohost.domain import domain_list
@ -692,9 +695,9 @@ def _validate_and_sanitize_permission_url(url, app_base_path, app):
if url.startswith('re:'):
# regex without domain
if url.startswith('re:/'):
validate_regex(url[4:])
# we check for the first char after 're:'
if url[3] in ['/', '^', '\\']:
validate_regex(url[3:])
return url
# regex with domain