kumi/Android-Password-Store
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Actively discourage use of git protocol (#1368)

Browse source
This commit is contained in:
Harsh Shandilya 2021-04-04 01:21:34 +05:30 committed by GitHub
parent c10703db49
commit cf5f0eae3a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -24,6 +24,7 @@ All notable changes to this project will be documented in this file.
- Accessibility autofill has been removed completely due to being buggy, insecure and lacking in features. Upgrade to Android 8 or preferably later to gain access to our advanced Autofill implementation.
- The settings UI has been completely re-done to dramatically improve discoverability and navigation for users
- Using the `git://` protocol in the server URL now presents an explicit discouragement rather than a generic error
## [1.13.4] - 2021-03-20

9
app/src/main/java/dev/msfjarvis/aps/ui/git/config/GitServerConfigActivity.kt
View file

@ -116,6 +116,15 @@ class GitServerConfigActivity : BaseGitActivity() {
return@setOnClickListener
}
}
if (newUrl.startsWith("git://")) {
BasicBottomSheet.Builder(this)
.setTitleRes(R.string.git_scheme_disallowed_title)
.setMessageRes(R.string.git_scheme_disallowed_message)
.setPositiveButtonClickListener {}
.build()
.show(supportFragmentManager, "SSH_SCHEME_WARNING")
return@setOnClickListener
}
when (val updateResult =
GitSettings.updateConnectionSettingsIfValid(
newAuthMode = newAuthMode,

2
app/src/main/res/values/strings.xml
View file

@ -389,6 +389,8 @@
<string name="ssh_scheme_needed_message">It appears that your URL contains a custom port, but does not specify the ssh:// scheme.\nThis can cause the port to be considered a part of your path. Press OK here to fix the URL.</string>
<string name="https_scheme_with_port_title">HTTPS URL with custom port</string>
<string name="https_scheme_with_port_message">It looks like you are using a HTTPS URL with a custom port. This is not supported, and will cause problems down the line. Press OK to remove the port from your URL.</string>
<string name="git_scheme_disallowed_title">Using the git:// protocol is discouraged</string>
<string name="git_scheme_disallowed_message">The git protocol provided by git-daemon performs no transport encryption and is unsuitable for secure operations.</string>
<!-- Proxy configuration activity -->
<string name="proxy_hostname">Proxy hostname</string>