mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-09-17 18:50:11 +02:00
lint: require UpdateCheckData to contain only valid HTTPS URLs
This commit is contained in:
parent
1c9bc32bf6
commit
26bfd7fb28
@ -21,6 +21,7 @@ import glob
|
||||
import os
|
||||
import re
|
||||
import sys
|
||||
import urllib.parse
|
||||
|
||||
from . import _
|
||||
from . import common
|
||||
@ -207,6 +208,19 @@ def get_lastbuild(builds):
|
||||
return lastbuild
|
||||
|
||||
|
||||
def check_update_check_data_url(app):
|
||||
"""UpdateCheckData must have a valid HTTPS URL to protect checkupdates runs
|
||||
"""
|
||||
if app.UpdateCheckData:
|
||||
urlcode, codeex, urlver, verex = app.UpdateCheckData.split('|')
|
||||
for url in (urlcode, urlver):
|
||||
parsed = urllib.parse.urlparse(url)
|
||||
if not parsed.scheme or not parsed.netloc:
|
||||
yield _('UpdateCheckData not a valid URL: {url}').format(url=url)
|
||||
if parsed.scheme != 'https':
|
||||
yield _('UpdateCheckData must use HTTPS URL: {url}').format(url=url)
|
||||
|
||||
|
||||
def check_ucm_tags(app):
|
||||
lastbuild = get_lastbuild(app.builds)
|
||||
if (lastbuild is not None
|
||||
@ -513,6 +527,7 @@ def main():
|
||||
|
||||
app_check_funcs = [
|
||||
check_regexes,
|
||||
check_update_check_data_url,
|
||||
check_ucm_tags,
|
||||
check_char_limits,
|
||||
check_old_links,
|
||||
|
Loading…
Reference in New Issue
Block a user