jprdonnelly/redash
1
0
Fork 0
mirror of https://github.com/getredash/redash.git synced 2025-12-19 17:37:19 -05:00
Code Issues Projects Releases Wiki Activity

Incomplete URL substring sanitization (#6342)

Browse Source 
* Incomplete URL substring sanitization

* fix hostname

* Only match on the exact host name

---------

Co-authored-by: Justin Clift <justin@postgresql.org>
This commit is contained in:
Konstantin Smirnov
2023-08-03 02:31:18 +05:00
committed by GitHub
parent acf77f85ff
commit 0d1ce4d98c
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bin/release_manager.py
View File

@@ -3,6 +3,7 @@ import os
import re import re
import subprocess import subprocess
import sys import sys
from urllib.parse import urlparse
import requests import requests
import simplejson import simplejson
@@ -13,7 +14,7 @@ repo = "getredash/redash"
def _github_request(method, path, params=None, headers={}): def _github_request(method, path, params=None, headers={}):
if not path.startswith("https://api.github.com"): if urlparse(path).hostname != "api.github.com":
url = "https://api.github.com/{}".format(path) url = "https://api.github.com/{}".format(path)
else: else:
url = path url = path