Veles urls with credentials#1651
Conversation
|
Hello @erikvarga , thanks for the review. There are still some conversations left open that require your attention. Apologies for the trouble, but due to the scope of the validator, there are a couple of nuances that need to be addressed. |
|
Hello @erikvarga, beside #1651 (comment) and the conflicts, this PR should be ready to merge. Please let me know if you have any updates or if there is anything else me to address. |
erikvarga
left a comment
erikvarga
left a comment
There was a problem hiding this comment.
I'll try to import it and see what the internal tests think
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
Hello @erikvarga I see this has been hanging for a while, do you need anything from my side? |
|
Nothing to do from your side, it just took a while to get all the approvals for importing the library. If everything goes well this will be merged shortly. |
PiperOrigin-RevId: 864289775
|
Merged in f9e7ab2 |
2 participants
This PR adds the logic for detecting URLs containing credentials.
Note
The newly introduced package
github.com/google/osv-scalibr/veles/secrets/urlcreds/validators/httpauthimplements logic to:WWW-Authenticateheaders containing server challengesSee RFC 7616: HTTP Digest Access Authentication