diff options
author | Grey Baker <greysteil@gmail.com> | 2019-01-14 20:46:12 +0000 |
---|---|---|
committer | Grey Baker <greysteil@gmail.com> | 2019-01-14 20:46:12 +0000 |
commit | 23ddab395df40692585e2fcc635dbf3e5ee1db2a (patch) | |
tree | 4d9f8168e9ddf7c8236516d034843efa03c34081 | |
parent | 95f9094c96d6923f9a7995b97ddb92b9c5c4bb96 (diff) | |
download | bundler-greysteil/show-notfound-uri.tar.gz |
Ensure credentials are masked in FallbackError from Net::HTTPNotFoundgreysteil/show-notfound-uri
-rw-r--r-- | lib/bundler/fetcher/downloader.rb | 2 | ||||
-rw-r--r-- | spec/bundler/fetcher/downloader_spec.rb | 9 |
2 files changed, 10 insertions, 1 deletions
diff --git a/lib/bundler/fetcher/downloader.rb b/lib/bundler/fetcher/downloader.rb index a75a36055d..87ad4140fd 100644 --- a/lib/bundler/fetcher/downloader.rb +++ b/lib/bundler/fetcher/downloader.rb @@ -37,7 +37,7 @@ module Bundler when Net::HTTPUnauthorized raise AuthenticationRequiredError, uri.host when Net::HTTPNotFound - raise FallbackError, "Net::HTTPNotFound: #{uri}" + raise FallbackError, "Net::HTTPNotFound: #{URICredentialsFilter.credential_filtered_uri(uri)}" else raise HTTPError, "#{response.class}#{": #{response.body}" unless response.body.empty?}" end diff --git a/spec/bundler/fetcher/downloader_spec.rb b/spec/bundler/fetcher/downloader_spec.rb index ac2c197956..07b507266b 100644 --- a/spec/bundler/fetcher/downloader_spec.rb +++ b/spec/bundler/fetcher/downloader_spec.rb @@ -91,6 +91,15 @@ RSpec.describe Bundler::Fetcher::Downloader do expect { subject.fetch(uri, options, counter) }. to raise_error(Bundler::Fetcher::FallbackError, "Net::HTTPNotFound: http://www.uri-to-fetch.com/api/v2/endpoint") end + + context "when the there are credentials provided in the request" do + let(:uri) { URI("http://username:password@www.uri-to-fetch.com/api/v2/endpoint") } + + it "should raise a Bundler::Fetcher::FallbackError that doesn't contain the password" do + expect { subject.fetch(uri, options, counter) }. + to raise_error(Bundler::Fetcher::FallbackError, "Net::HTTPNotFound: http://username@www.uri-to-fetch.com/api/v2/endpoint") + end + end end context "when the request response is some other type" do |