From 95f9094c96d6923f9a7995b97ddb92b9c5c4bb96 Mon Sep 17 00:00:00 2001 From: Grey Baker Date: Thu, 3 Jan 2019 15:23:17 +0000 Subject: Include URL in Bundler::Fetcher::FallbackError message for Net::HTTPNotFound --- lib/bundler/fetcher/downloader.rb | 2 +- spec/bundler/fetcher/downloader_spec.rb | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/bundler/fetcher/downloader.rb b/lib/bundler/fetcher/downloader.rb index e0e0cbf1c9..a75a36055d 100644 --- a/lib/bundler/fetcher/downloader.rb +++ b/lib/bundler/fetcher/downloader.rb @@ -37,7 +37,7 @@ module Bundler when Net::HTTPUnauthorized raise AuthenticationRequiredError, uri.host when Net::HTTPNotFound - raise FallbackError, "Net::HTTPNotFound" + raise FallbackError, "Net::HTTPNotFound: #{uri}" else raise HTTPError, "#{response.class}#{": #{response.body}" unless response.body.empty?}" end diff --git a/spec/bundler/fetcher/downloader_spec.rb b/spec/bundler/fetcher/downloader_spec.rb index c9b4fa662a..ac2c197956 100644 --- a/spec/bundler/fetcher/downloader_spec.rb +++ b/spec/bundler/fetcher/downloader_spec.rb @@ -88,7 +88,8 @@ RSpec.describe Bundler::Fetcher::Downloader do let(:http_response) { Net::HTTPNotFound.new("1.1", 404, "Not Found") } it "should raise a Bundler::Fetcher::FallbackError with Net::HTTPNotFound" do - expect { subject.fetch(uri, options, counter) }.to raise_error(Bundler::Fetcher::FallbackError, "Net::HTTPNotFound") + expect { subject.fetch(uri, options, counter) }. + to raise_error(Bundler::Fetcher::FallbackError, "Net::HTTPNotFound: http://www.uri-to-fetch.com/api/v2/endpoint") end end -- cgit v1.2.1 From 23ddab395df40692585e2fcc635dbf3e5ee1db2a Mon Sep 17 00:00:00 2001 From: Grey Baker Date: Mon, 14 Jan 2019 20:46:12 +0000 Subject: Ensure credentials are masked in FallbackError from Net::HTTPNotFound --- lib/bundler/fetcher/downloader.rb | 2 +- spec/bundler/fetcher/downloader_spec.rb | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/bundler/fetcher/downloader.rb b/lib/bundler/fetcher/downloader.rb index a75a36055d..87ad4140fd 100644 --- a/lib/bundler/fetcher/downloader.rb +++ b/lib/bundler/fetcher/downloader.rb @@ -37,7 +37,7 @@ module Bundler when Net::HTTPUnauthorized raise AuthenticationRequiredError, uri.host when Net::HTTPNotFound - raise FallbackError, "Net::HTTPNotFound: #{uri}" + raise FallbackError, "Net::HTTPNotFound: #{URICredentialsFilter.credential_filtered_uri(uri)}" else raise HTTPError, "#{response.class}#{": #{response.body}" unless response.body.empty?}" end diff --git a/spec/bundler/fetcher/downloader_spec.rb b/spec/bundler/fetcher/downloader_spec.rb index ac2c197956..07b507266b 100644 --- a/spec/bundler/fetcher/downloader_spec.rb +++ b/spec/bundler/fetcher/downloader_spec.rb @@ -91,6 +91,15 @@ RSpec.describe Bundler::Fetcher::Downloader do expect { subject.fetch(uri, options, counter) }. to raise_error(Bundler::Fetcher::FallbackError, "Net::HTTPNotFound: http://www.uri-to-fetch.com/api/v2/endpoint") end + + context "when the there are credentials provided in the request" do + let(:uri) { URI("http://username:password@www.uri-to-fetch.com/api/v2/endpoint") } + + it "should raise a Bundler::Fetcher::FallbackError that doesn't contain the password" do + expect { subject.fetch(uri, options, counter) }. + to raise_error(Bundler::Fetcher::FallbackError, "Net::HTTPNotFound: http://username@www.uri-to-fetch.com/api/v2/endpoint") + end + end end context "when the request response is some other type" do -- cgit v1.2.1