mikkel/nexus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: add HTTPS protocol check to server-side GitHub URL parsers

Browse source
This commit is contained in:
statxc 2026-04-01 21:27:10 +00:00
parent f9cebe9b73
commit 6a7830b07e
2 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
server/src/services/company-portability.ts
View file

@ -2567,6 +2567,9 @@ function normalizeGitHubSourcePath(value: string | null | undefined) {
export function parseGitHubSourceUrl(rawUrl: string) { export function parseGitHubSourceUrl(rawUrl: string) {
const url = new URL(rawUrl); const url = new URL(rawUrl);
if (url.protocol !== "https:") {
throw unprocessable("GitHub source URL must use HTTPS");
}
const hostname = url.hostname; const hostname = url.hostname;
const parts = url.pathname.split("/").filter(Boolean); const parts = url.pathname.split("/").filter(Boolean);
if (parts.length < 2) { if (parts.length < 2) {

3
server/src/services/company-skills.ts
View file

@ -512,6 +512,9 @@ async function resolveGitHubCommitSha(owner: string, repo: string, ref: string,
function parseGitHubSourceUrl(rawUrl: string) { function parseGitHubSourceUrl(rawUrl: string) {
const url = new URL(rawUrl); const url = new URL(rawUrl);
if (url.protocol !== "https:") {
throw unprocessable("GitHub source URL must use HTTPS");
}
const parts = url.pathname.split("/").filter(Boolean); const parts = url.pathname.split("/").filter(Boolean);
if (parts.length < 2) { if (parts.length < 2) {
throw unprocessable("Invalid GitHub URL"); throw unprocessable("Invalid GitHub URL");