Reject invalid repository archive request formats
What does this MR do and why?
Reject invalid repository archive request formats
Fixes #407534 (closed)
Archive requests with invalid formats throw 500 errors. Our archive endpoint uses a format constraint, however, we do not ensure that all requests passed a valid format.
This change ensures a valid format is passed to the route. Any invalid formats will result in a 404 response.
Changelog: fixed
How to set up and validate locally
Should download successfully
Gitlab uses metadata in links that prevent these from working when clicked. You need to new tab/window and paste the link for the file to actually download.
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.zip
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tar
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tar.gz
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tgz
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.gz
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tar.bz2
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tbz
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tbz2
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.tb2
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.bz2
Should render 404
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.yml
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.yaml
- http://gdk.test:3000/gitlab-org/cli/-/archive/main/foo.text
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Joe Woodward