From 1f4ce0de1cd70b905dc2cd40628785b01060738c Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Wed, 9 Jan 2019 11:43:26 +0000 Subject: config: inbox name checking matches git.git more closely Actually, it turns out git.git/remote.c::valid_remote_nick rules alone are insufficient. More checking is performed as part of the refname in the git.git/refs.c::check_refname_component I also considered rejecting URL-unfriendly inbox names entirely, but realized some users may intentionally configure names not handled by our WWW endpoint for archives they don't want accessible over HTTP. --- t/config.t | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 't') diff --git a/t/config.t b/t/config.t index 6a6b98c8..5f0a95ba 100644 --- a/t/config.t +++ b/t/config.t @@ -114,4 +114,40 @@ my $tmpdir = tempdir('pi-config-XXXXXX', TMPDIR => 1, CLEANUP => 1); }, 'known addresses populated'); } +my @invalid = ( + # git rejects this because it locks refnames, but we don't have + # this problem with inbox names: + # 'inbox.lock', + + # git rejects these: + '', '..', '.', 'stash@{9}', 'inbox.', '^caret', '~tilde', + '*asterisk', 's p a c e s', ' leading-space', 'trailing-space ', + 'question?', 'colon:', '[square-brace]', "\fformfeed", + "\0zero", "\bbackspace", + +); + +require Data::Dumper; +for my $s (@invalid) { + my $d = Data::Dumper->new([$s])->Terse(1)->Indent(0)->Dump; + ok(!PublicInbox::Config::valid_inbox_name($s), "$d name rejected"); +} + +# obviously-valid examples +my @valid = qw(a a@example a@example.com); + +# Rejecting more was considered, but then it dawned on me that +# people may intentionally use inbox names which are not URL-friendly +# to prevent the PSGI interface from displaying them... +# URL-unfriendly +# '<', '>', '%', '#', '?', '&', '(', ')', + +# maybe these aren't so bad, they're common in Message-IDs, even: +# '!', '$', '=', '+' +push @valid, qw[bang! ca$h less< more> 1% (parens) &more eql= +plus], '#hash'; +for my $s (@valid) { + my $d = Data::Dumper->new([$s])->Terse(1)->Indent(0)->Dump; + ok(PublicInbox::Config::valid_inbox_name($s), "$d name accepted"); +} + done_testing(); -- cgit v1.2.3-24-ge0c7