diff options
author | tenderlove <tenderlove@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-09-15 21:44:56 +0000 |
---|---|---|
committer | tenderlove <tenderlove@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-09-15 21:44:56 +0000 |
commit | c2cbd5528cd1ecd0db08f93dbdd1de7175805ef3 (patch) | |
tree | c392eb91d864960d886ad4bad0f2ac90e6c17beb | |
parent | 7070c5bff3a434bbbb35627355734b6240750d39 (diff) | |
download | ruby-c2cbd5528cd1ecd0db08f93dbdd1de7175805ef3.tar.gz |
Don't include bad password in URI exception output
We shouldn't include the bad password in the URI exception output
message. Just knowing that there is a bad password is enough
information.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56166 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | lib/uri/generic.rb | 2 | ||||
-rw-r--r-- | test/uri/test_generic.rb | 9 |
3 files changed, 17 insertions, 1 deletions
@@ -1,3 +1,10 @@ +Fri Sep 16 06:43:25 2016 Aaron Patterson <tenderlove@ruby-lang.org> + + * lib/uri/generic.rb (def check_password): don't include bad password + in URI exception output + + * test/uri/test_generic.rb (def test_set_component): test for behavior + Thu Sep 15 21:40:03 2016 Kazuhiro NISHIYAMA <zn@mbf.nifty.com> * doc/extension.ja.rdoc: Fix file name. diff --git a/lib/uri/generic.rb b/lib/uri/generic.rb index 5e980d699e..81d46f72a5 100644 --- a/lib/uri/generic.rb +++ b/lib/uri/generic.rb @@ -428,7 +428,7 @@ module URI if parser.regexp[:USERINFO] !~ v raise InvalidComponentError, - "bad component(expected user component): #{v}" + "bad password component" end return true diff --git a/test/uri/test_generic.rb b/test/uri/test_generic.rb index 3510129832..803d427f13 100644 --- a/test/uri/test_generic.rb +++ b/test/uri/test_generic.rb @@ -749,6 +749,15 @@ class URI::TestGeneric < Test::Unit::TestCase assert_equal('foo:xyzzy', uri.to_s) end + def test_bad_password_component + uri = URI.parse('http://foo:bar@baz') + password = 'foo@bar' + e = assert_raise(URI::InvalidComponentError) do + uri.password = password + end + refute_match password, e.message + end + def test_set_scheme uri = URI.parse 'HTTP://example' |