org.eclipse.egit.ui/src/org/eclipse/egit/ui/internal/clone/GitUrlChecker.java

   1 /*******************************************************************************
   2  * Copyright (c) 2011, 2017 The Eclipse Foundation and others.
   3  * All rights reserved. This program and the accompanying materials
   4  * are made available under the terms of the Eclipse Public License 2.0
   5  * which accompanies this distribution, and is available at
   6  * https://www.eclipse.org/legal/epl-2.0/
   7  *
   8  * SPDX-License-Identifier: EPL-2.0
   9  *
  10  * Contributors:
  11  *     The Eclipse Foundation - initial API and implementation
  12  *     Ian Pun - factored out of RepositorySelectionPage
  13  *******************************************************************************/
  14 package org.eclipse.egit.ui.internal.clone;
  15
  16 import java.net.URISyntaxException;
  17
  18 import org.eclipse.egit.core.internal.Utils;
  19 import org.eclipse.egit.ui.internal.KnownHosts;
  20 import org.eclipse.egit.ui.internal.components.RepositorySelectionPage.Protocol;
  21 import org.eclipse.jgit.lib.Constants;
  22 import org.eclipse.jgit.transport.Transport;
  23 import org.eclipse.jgit.transport.TransportProtocol;
  24 import org.eclipse.jgit.transport.URIish;
  25
  26 /**
  27  * Utility class for checking strings for being valid git URLs, and for
  28  * sanitizing arbitrary string input.
  29  */
  30 public final class GitUrlChecker {
  31
  32         private static final String GIT_CLONE_COMMAND_PREFIX = "git clone "; //$NON-NLS-1$
  33
  34         private static final String QUOTE = "\""; //$NON-NLS-1$
  35
  36         private GitUrlChecker() {
  37                 // No instantiation
  38         }
  39
  40         /**
  41          * Checks if the incoming string is a valid git URL. It is recommended to
  42          * {@link #sanitizeAsGitUrl(String) sanitize} the String first if coming
  43          * from an untrustworthy source.
  44          *
  45          * @param url
  46          *            to check
  47          * @return {@code true} if the {@code url} is a valid git URL, {@code false}
  48          *         otherwise
  49          */
  50         public static boolean isValidGitUrl(String url) {
  51                 try {
  52                         if (url != null) {
  53                                 URIish u = new URIish(url);
  54                                 if (canHandleProtocol(u)) {
  55                                         if (Protocol.GIT.handles(u) || Protocol.SSH.handles(u)
  56                                                         || (Protocol.HTTP.handles(u)
  57                                                                         || Protocol.HTTPS.handles(u))
  58                                                                         && KnownHosts.isKnownHost(u.getHost())
  59                                                         || url.endsWith(Constants.DOT_GIT_EXT)) {
  60                                                 return true;
  61                                         }
  62                                 }
  63                         }
  64                 } catch (URISyntaxException e) {
  65                         // Ignore. This is used to check arbitrary input for being a
  66                         // possibly valid git URL; we don't want to flood the log here.
  67                 }
  68                 return false;
  69         }
  70
  71         /**
  72          * Sanitize a string for use as a git URL. Strips the Git Clone command if
  73          * needed and reduces remaining the input to anything before the first
  74          * whitespace.
  75          *
  76          * @param input
  77          *            String to be sanitized
  78          * @return sanitized string; if the input came from an untrustworthy source,
  79          *         is should still be checked using {@link #isValidGitUrl(String)}
  80          *         before being used for real as a git URL
  81          */
  82         public static String sanitizeAsGitUrl(String input) {
  83                 String sanitized = Utils.firstLine(input).strip();
  84                 if (sanitized.startsWith(GIT_CLONE_COMMAND_PREFIX)) {
  85                         sanitized = sanitized.substring(GIT_CLONE_COMMAND_PREFIX.length())
  86                                         .strip();
  87                         if (sanitized.startsWith(QUOTE) && sanitized.endsWith(QUOTE)) {
  88                                 sanitized = sanitized.substring(1, sanitized.length() - 1)
  89                                                 .strip();
  90                         }
  91                 }
  92                 try {
  93                         URIish uri = new URIish(sanitized);
  94                         if (Protocol.FILE.handles(uri)) {
  95                                 // Allow spaces
  96                                 return sanitized;
  97                         }
  98                 } catch (URISyntaxException e) {
  99                         // Ignore here; error will be reported later where this method is
 100                         // used.
 101                 }
 102                 // Take only the part up to the first whitespace character
 103                 return sanitized.split("\\h", 2)[0]; //$NON-NLS-1$
 104         }
 105
 106         private static boolean canHandleProtocol(URIish u) {
 107                 for (TransportProtocol proto : Transport.getTransportProtocols()) {
 108                         if (proto.canHandle(u)) {
 109                                 return true;
 110                         }
 111                 }
 112                 return false;
 113         }
 114
 115 }