only attempt to remove credentials from HTTP(S) URLs

Sunshine 2020-06-01 05:28:02 -04:00
parent ed82b96152
commit 4e31d0433e
No known key found for this signature in database
GPG Key ID: B80CA68703CD8AB1
1 changed files with 6 additions and 3 deletions


@ -160,9 +160,12 @@ fn main() {
// Safe to unwrap (we just put this through an HTTP request) // Safe to unwrap (we just put this through an HTTP request)
let mut clean_url = Url::parse(&base_url).unwrap(); let mut clean_url = Url::parse(&base_url).unwrap();
clean_url.set_fragment(None); clean_url.set_fragment(None);
// Don't include credentials // Prevent credentials from getting into metadata
clean_url.set_username("").unwrap(); if is_http_url(&base_url) {
clean_url.set_password(None).unwrap(); // Only HTTP(S) URLs may feature credentials
clean_url.set_username("").unwrap();
clean_url.set_password(None).unwrap();
}
let metadata_comment = if is_http_url(&base_url) { let metadata_comment = if is_http_url(&base_url) {
format!( format!(
"<!-- Saved from {} at {} using {} v{} -->\n", "<!-- Saved from {} at {} using {} v{} -->\n",
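Review bot: The new guard around `set_username`/`set_password` strips credentials only for schemes that `is_http_url` accepts, and its comment `// Only HTTP(S) URLs may feature credentials` overstates the case: URL syntax allows userinfo in other schemes too (for example `ftp://user:pass@host/`). As far as this hunk shows, an unsanitised `clean_url` stays out of the saved file's metadata only because the `metadata_comment` expression on the next line repeats the same `is_http_url(&base_url)` test; its else branch and the rest of `main` are outside the hunk, so any other use of `clean_url` would need checking. A fail-safe form that does not depend on a scheme list would be `let _ = clean_url.set_username("");` and `let _ = clean_url.set_password(None);`, which strip userinfo wherever the URL can hold it and ignore the error returned when it cannot. The retained comment `// Safe to unwrap (we just put this through an HTTP request)` also no longer fits a path that now admits non-HTTP(S) base URLs and should be reworded.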