We currently validate RepositoryID uris to be a valid api address from our own server.
This commit is contained in:
erik 2024-05-28 12:38:27 +02:00
parent 69e79e50c2
commit 9c9333868c

View file

@ -126,6 +126,7 @@ type RepositoryID struct {
// Factory function for RepositoryID. Created struct is asserted to be valid. // Factory function for RepositoryID. Created struct is asserted to be valid.
func NewRepositoryID(uri, source string) (RepositoryID, error) { func NewRepositoryID(uri, source string) (RepositoryID, error) {
// ToDo: Here we check if the uri is coming from OUR machine. This fails for any urls pointing to other machines.
if !validation.IsAPIURL(uri) { if !validation.IsAPIURL(uri) {
return RepositoryID{}, fmt.Errorf("uri %s is not a valid repo url on this host %s", uri, setting.AppURL+"api") return RepositoryID{}, fmt.Errorf("uri %s is not a valid repo url on this host %s", uri, setting.AppURL+"api")
} }