diff options
| author | Jens Baumgart | 2010-12-14 16:31:45 +0000 |
|---|---|---|
| committer | Jens Baumgart | 2010-12-14 16:31:45 +0000 |
| commit | 7b7ff1115641ba67b06a4dc83ff6b95a37784ef1 (patch) | |
| tree | 46c212dac691f0cc235001e48d7801c82b3a6f08 | |
| parent | 536566d1cac672f70da9ed7c3b97893629dae2aa (diff) | |
| download | egit-7b7ff1115641ba67b06a4dc83ff6b95a37784ef1.tar.gz egit-7b7ff1115641ba67b06a4dc83ff6b95a37784ef1.tar.xz egit-7b7ff1115641ba67b06a4dc83ff6b95a37784ef1.zip | |
Do not put user to URI when using http / https
Currently the repository selection page (used by clone wizard and
other wizards) automatically puts a user entered in the user field to
the URI. This is a security hole for http and https usage. Furthermore
configuring http based push does not work because proxy servers often
reject URLs with contained user.
The automatic update of the URI field with the user was disabled for
the protocols http and https.
Signed-off-by: Jens Baumgart <jens.baumgart@sap.com>
| -rw-r--r-- | org.eclipse.egit.ui/src/org/eclipse/egit/ui/internal/components/RepositorySelectionPage.java | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/org.eclipse.egit.ui/src/org/eclipse/egit/ui/internal/components/RepositorySelectionPage.java b/org.eclipse.egit.ui/src/org/eclipse/egit/ui/internal/components/RepositorySelectionPage.java index a0171685a4..871b46f14d 100644 --- a/org.eclipse.egit.ui/src/org/eclipse/egit/ui/internal/components/RepositorySelectionPage.java +++ b/org.eclipse.egit.ui/src/org/eclipse/egit/ui/internal/components/RepositorySelectionPage.java @@ -548,7 +548,9 @@ public class RepositorySelectionPage extends WizardPage { userText.setLayoutData(createFieldGridData()); userText.addModifyListener(new ModifyListener() { public void modifyText(final ModifyEvent e) { - setURI(uri.setUser(nullString(userText.getText()))); + Protocol protocol = getProtocol(); + if (protocol != Protocol.HTTP && protocol != Protocol.HTTPS) + setURI(uri.setUser(nullString(userText.getText()))); user = userText.getText(); } }); @@ -864,15 +866,21 @@ public class RepositorySelectionPage extends WizardPage { } private void updateAuthGroup() { - int idx = scheme.getSelectionIndex(); - if (idx >= 0) { - Protocol p = Protocol.values()[idx]; + Protocol p = getProtocol(); + if (p != null) { hostText.setEnabled(p.hasHost()); portText.setEnabled(p.hasPort()); setEnabledRecursively(authGroup, p.canAuthenticate()); } } + private Protocol getProtocol() { + int idx = scheme.getSelectionIndex(); + if (idx >= 0) + return Protocol.values()[idx]; + return null; + } + @Override public void setVisible(boolean visible) { super.setVisible(visible); |