Skip to content
This repository has been archived by the owner on Dec 21, 2023. It is now read-only.

fix(webhook-service): Disallow @ file uploads inside data block #7162

Merged
merged 1 commit into from
Mar 15, 2022
Merged

fix(webhook-service): Disallow @ file uploads inside data block #7162

merged 1 commit into from
Mar 15, 2022

Conversation

warber
Copy link
Contributor

@warber warber commented Mar 15, 2022

backport of #7158

@warber
fix(webhook-service): Disallow @ file uploads inside data block (#7158
40299f3 
)

* added failing test cases

Signed-off-by: warber <[email protected]>

* fix: disallow @ in data block

Signed-off-by: warber <[email protected]>

* fixed if condition when checking for data block

Signed-off-by: warber <[email protected]>

* additional tests

Signed-off-by: warber <[email protected]>

* incorp. review comment

Signed-off-by: warber <[email protected]>
(cherry picked from commit aa0f71e)
@warber warber requested a review from a team as a code owner March 15, 2022 15:06
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@codecov
Copy link

codecov bot commented Mar 15, 2022

Codecov Report

Merging #7162 (40299f3) into 0.13.x (a1ce606) will increase coverage by 0.01%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           0.13.x    #7162      +/-   ##
==========================================
+ Coverage   57.75%   57.77%   +0.01%     
==========================================
  Files         508      508              
  Lines       29317    29329      +12     
  Branches     1381     1381              
==========================================
+ Hits        16932    16944      +12     
  Misses      11175    11175              
  Partials     1210     1210
Impacted Files Coverage Δ
webhook-service/lib/curl_executor.go 95.23% <100.00%> (+0.36%) ⬆️
Flag Coverage Δ
webhook-service 80.41% <100.00%> (+0.49%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

@thisthat thisthat changed the title fix(webhook-service): Disallow @ file uploads inside data block (#7… fix(webhook-service): Disallow @ file uploads inside data block Mar 15, 2022
@thisthat thisthat merged commit 6426d15 into 0.13.x Mar 15, 2022
@thisthat thisthat deleted the backport/wh-svc-disallow-uploading-files-013 branch March 15, 2022 17:24
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@thisthat thisthat thisthat approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@warber @thisthat