diff options
| author | DanConwayDev <DanConwayDev@protonmail.com> | 2026-04-09 15:24:17 +0000 |
|---|---|---|
| committer | DanConwayDev <DanConwayDev@protonmail.com> | 2026-04-09 15:24:17 +0000 |
| commit | 2d74b9ca69b3a1e0b9a2359c12cc2d1979fc6130 (patch) | |
| tree | 61180841310feaca54c1661552d88347a0bebd72 /docs/reference | |
| parent | 28168a7701c897a5b6af13bc472d6f5902e0a96d (diff) | |
fix: reject identifiers with whitespace and URL-decode path components
Two bugs allowed a repository announcement with a space-containing
identifier ('kuboslopp by Shakespeare') to enter purgatory and create
a bare repo on disk, but then fail to serve git data over HTTP.
Bug 1 (serving): parse_git_url and parse_repo_url did not percent-decode
the URL path before resolving the filesystem path. A client requesting
/npub.../kuboslopp%20by%20Shakespeare.git/info/refs had the identifier
extracted as 'kuboslopp%20by%20Shakespeare' (literal %20), which did not
match the on-disk directory 'kuboslopp by Shakespeare.git'.
Fix: add percent_decode() in src/git/mod.rs and apply it to the repo
component in both parse_git_url and parse_repo_url.
Bug 2 (validation): validate_announcement did not check that the
identifier is safe as a filesystem path component and URL segment.
Identifiers containing whitespace, path separators, null bytes, or
reserved names (. / ..) should be rejected at acceptance time.
Fix: add validate_identifier() in src/nostr/events.rs and call it from
validate_announcement before any other policy checks.
Diffstat (limited to 'docs/reference')
0 files changed, 0 insertions, 0 deletions