hugo
/
composer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add test for password escaping

Browse Source
main
Jordi Boggiano 8 years ago
parent dbc7629bb2
commit 39c2c8c30a
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
src/Composer/Util/ProcessExecutor.php
Unescape Escape View File

@ -45,11 +45,11 @@ class ProcessExecutor
{
if ($this->io && $this->io->isDebug()) {
$safeCommand = preg_replace_callback('{(://)(?P<user>[^:/\s]+):(?P<password>[^@\s/]+)}i', function ($m) {
if (preg_match('{^[a-f0-9]{12,}$}', $m[2])) {
if (preg_match('{^[a-f0-9]{12,}$}', $m['user'])) {
return '://***:***';
}
return '://'.$m[2].':***';
return '://'.$m['user'].':***';
}, $command);
$this->io->writeError('Executing command ('.($cwd ?: 'CWD').'): '.$safeCommand);
}

10
tests/Composer/Test/Util/ProcessExecutorTest.php
Unescape Escape View File

@ -14,6 +14,8 @@ namespace Composer\Test\Util;
use Composer\Util\ProcessExecutor;
use Composer\TestCase;
use Composer\IO\BufferIO;
use Symfony\Component\Console\Output\StreamOutput;
class ProcessExecutorTest extends TestCase
{
@ -48,6 +50,14 @@ class ProcessExecutorTest extends TestCase
ProcessExecutor::setTimeout(60);
}
public function testHidePasswords()
{
$process = new ProcessExecutor($buffer = new BufferIO('', StreamOutput::VERBOSITY_DEBUG));
$process->execute('echo https://foo:bar@example.org/ && echo http://foo@example.org && echo http://abcdef1234567890234578:x-oauth-token@github.com/', $output);
$this->assertEquals('Executing command (CWD): echo https://foo:***@example.org/ && echo http://foo@example.org && echo http://***:***@github.com/', trim($buffer->getOutput()));
}
public function testSplitLines()
{
$process = new ProcessExecutor;

Write Preview
Loading…
Cancel
Save