From 718a23fd36de971b3bd127c6f9d5311f7029e15c Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 10 Jul 2018 13:00:21 -0700
Subject: Properly handle colons in URL passwords

Before b46d5b13ecb8e0c0793fa433bff7f49cb0612760, we relied on
`Addressable::URI` to parse the username/password in a URL, but this failed
when credentials contained special characters. However, this introduced a regression
where the parsing would incorrectly truncate the password if the password had a colon.

Closes #49080
---
 lib/gitlab/url_sanitizer.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/gitlab/url_sanitizer.rb b/lib/gitlab/url_sanitizer.rb
index 59331c827af..de8b6ec69ce 100644
--- a/lib/gitlab/url_sanitizer.rb
+++ b/lib/gitlab/url_sanitizer.rb
@@ -58,7 +58,7 @@ module Gitlab
       if raw_credentials.present?
         url.sub!("#{raw_credentials}@", '')
 
-        user, password = raw_credentials.split(':')
+        user, _, password = raw_credentials.partition(':')
         @credentials ||= { user: user.presence, password: password.presence }
       end
 
-- 
cgit v1.2.1