Bug in LFS import when import_url user or password have invalid characters
Imagine the import_url
of a project is something like http://t+u:a#b@example.com
. When we try to parse it using Addressable::URI.parse
or URI.parse
it will raise an error.
In order to avoid this, in https://gitlab.com/gitlab-org/gitlab-ce/commit/50ff36265016728ab9372bff6b16b49e2d2364d6, we used Gitlab::UrlSanitizer
in between of this process. So now, when you query the project import_url
it will return the encoded version of the url (http://t%2Bu:a%23b@example.com
).
Nevertheless, in the LFS import workflow, these encoding
changes weren't reflected. That means, when LfsDownloadLinkListService
asks for the oids
' links in get_download_links
, it will be using invalid credentials, http://t%2Bu:a%23b@example.com/info/lfs/objects/batch
, and it will also build invalid links.
To fix this we need to unencode the user and password before requesting any data.