vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit cd8907542a5d128d36309a4c9218ea3f4bd07df3
parent 8a5450e830a133e61b7cd39079d27700127d49e8
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Sun, 23 Feb 2020 14:55:27 +0100

Make sure the provided domain contains the protocol and show a useful error when it doesn't

Diffstat:
Msrc/config.rs | 25+++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/config.rs b/src/config.rs @@ -420,6 +420,11 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { if cfg!(feature = "postgresql") && !db_url.starts_with("postgresql:") { err!("`DATABASE_URL` should start with postgresql: when using the PostgreSQL server") } + + let dom = cfg.domain.to_lowercase(); + if !dom.starts_with("http://") && !dom.starts_with("https://") { + err!("DOMAIN variable needs to contain the protocol (http, https). Use 'http[s]://bw.example.com' instead of 'bw.example.com'"); + } if let Some(ref token) = cfg.admin_token { if token.trim().is_empty() && !cfg.disable_admin_token { @@ -465,17 +470,25 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { /// Extracts an RFC 6454 web origin from a URL. fn extract_url_origin(url: &str) -> String { - let url = Url::parse(url).expect("valid URL"); - - url.origin().ascii_serialization() + match Url::parse(url) { + Ok(u) => u.origin().ascii_serialization(), + Err(e) => { + println!("Error validating domain: {}", e); + String::new() + } + } } /// Extracts the path from a URL. /// All trailing '/' chars are trimmed, even if the path is a lone '/'. fn extract_url_path(url: &str) -> String { - let url = Url::parse(url).expect("valid URL"); - - url.path().trim_end_matches('/').to_string() + match Url::parse(url) { + Ok(u) => u.path().trim_end_matches('/').to_string(), + Err(_) => { + // We already print it in the method above, no need to do it again + String::new() + } + } } impl Config {