Mirror/monolith
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

only attempt to remove credentals from HTTP(S) URLs

Browse source
This commit is contained in:
Sunshine 2020-06-01 05:28:02 -04:00
parent ed82b96152
commit 4e31d0433e
No known key found for this signature in database
GPG key ID: B80CA68703CD8AB1
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/main.rs
View file

@ -160,9 +160,12 @@ fn main() {
// Safe to unwrap (we just put this through an HTTP request)
let mut clean_url = Url::parse(&base_url).unwrap();
clean_url.set_fragment(None);
// Don't include credentials
clean_url.set_username("").unwrap();
clean_url.set_password(None).unwrap();
// Prevent credentials from getting into metadata
if is_http_url(&base_url) {
// Only HTTP(S) URLs may feature credentials
clean_url.set_username("").unwrap();
clean_url.set_password(None).unwrap();
}
let metadata_comment = if is_http_url(&base_url) {
format!(
"<!-- Saved from {} at {} using {} v{} -->\n",