diff options
author | Samuel Giddins <segiddins@segiddins.me> | 2016-09-07 20:22:24 +0200 |
---|---|---|
committer | Samuel Giddins <segiddins@segiddins.me> | 2016-09-07 20:22:24 +0200 |
commit | 609f758a73fde232ba831cb5c32671a1c554e4d4 (patch) | |
tree | 0dff2043af174779f901340ef877fc402e4f7fb8 | |
parent | 4818f415d07e547533f48d3f6c59dfda2b73c3fd (diff) | |
download | bundler-seg-fail-invalid-uri-schemes.tar.gz |
Fail gracefully when attempting to request from an unknown URI schemeseg-fail-invalid-uri-schemes
-rw-r--r-- | lib/bundler/fetcher/downloader.rb | 11 | ||||
-rw-r--r-- | spec/install/gems/compact_index_spec.rb | 11 |
2 files changed, 22 insertions, 0 deletions
diff --git a/lib/bundler/fetcher/downloader.rb b/lib/bundler/fetcher/downloader.rb index c8d714c05a..ee1aa1a972 100644 --- a/lib/bundler/fetcher/downloader.rb +++ b/lib/bundler/fetcher/downloader.rb @@ -38,6 +38,8 @@ module Bundler end def request(uri, options) + validate_uri_scheme!(uri) + Bundler.ui.debug "HTTP GET #{uri}" req = Net::HTTP::Get.new uri.request_uri, options if uri.user @@ -61,6 +63,15 @@ module Bundler raise HTTPError, "Network error while fetching #{URICredentialsFilter.credential_filtered_uri(uri)}" end end + + private + + def validate_uri_scheme!(uri) + return if uri.scheme =~ /\Ahttps?\z/ + raise InvalidOption, + "The request uri `#{uri}` has an invalid scheme (`#{uri.scheme}`). " \ + "Did you mean `http` or `https`?" + end end end end diff --git a/spec/install/gems/compact_index_spec.rb b/spec/install/gems/compact_index_spec.rb index a800a6ad7b..228d8ddcc9 100644 --- a/spec/install/gems/compact_index_spec.rb +++ b/spec/install/gems/compact_index_spec.rb @@ -696,6 +696,17 @@ The checksum of /versions does not match the checksum provided by the server! So expect(the_bundle).to include_gems "rack 1.0.0" end + it "fails gracefully when the source URI has an invalid scheme" do + install_gemfile <<-G + source "htps://rubygems.org" + gem "rack" + G + expect(exitstatus).to eq(15) if exitstatus + expect(out).to end_with(<<-E.strip) + The request uri `htps://index.rubygems.org/versions` has an invalid scheme (`htps`). Did you mean `http` or `https`? + E + end + describe "checksum validation", :rubygems => ">= 2.3.0" do it "raises when the checksum does not match" do install_gemfile <<-G, :artifice => "compact_index_wrong_gem_checksum" |