From 0611c4bea9a5da42f668af64ae31d7628c640c5e Mon Sep 17 00:00:00 2001
From: James Wen <jrw2175@columbia.edu>
Date: Tue, 16 Feb 2016 22:24:53 -0500
Subject: Add helpful message and error handling for non-CGI-escaped
 authentication

- Closes #4288
---
 lib/bundler/source/rubygems/remote.rb |  4 ++++
 spec/commands/install_spec.rb         | 16 ++++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/lib/bundler/source/rubygems/remote.rb b/lib/bundler/source/rubygems/remote.rb
index 32265fb600..92f8a40588 100644
--- a/lib/bundler/source/rubygems/remote.rb
+++ b/lib/bundler/source/rubygems/remote.rb
@@ -39,6 +39,10 @@ module Bundler
           end
 
           uri
+        rescue URI::InvalidComponentError
+          error_message = "Please CGI escape your usernames and passwords before " \
+                          "setting them for authentication."
+          raise HTTPError.new(error_message)
         end
 
         def remove_auth(uri)
diff --git a/spec/commands/install_spec.rb b/spec/commands/install_spec.rb
index 9c81457068..e48d5009ae 100644
--- a/spec/commands/install_spec.rb
+++ b/spec/commands/install_spec.rb
@@ -459,4 +459,20 @@ describe "bundle install with gem sources" do
       expect(out).to include("grant write permissions")
     end
   end
+
+  describe "when bundle install is executed with unencoded authentication" do
+    before do
+      gemfile <<-G
+        source 'https://rubygems.org/'
+        gem 'bundler'
+      G
+    end
+
+    it "should display a helpful messag explaining how to fix it" do
+      bundle :install, :env => { "BUNDLE_RUBYGEMS__ORG" => "user:pass{word" }
+      expect(exitstatus).to eq(17) if exitstatus
+      expect(out).to eq("Please CGI escape your usernames and passwords before " \
+                        "setting them for authentication.")
+    end
+  end
 end
-- 
cgit v1.2.1