Merge pull request #2280 from GitoxideLabs/copilot/add-tests-for-user-password-encoding

fix: prevent dots from being URL-encoded in userinfo

Author: Byron

gix-url/src/lib.rs

@@ -328,10 +328,6 @@ impl Url {
     }
 }
 
-fn percent_encode(s: &str) -> Cow<'_, str> {
-    percent_encoding::utf8_percent_encode(s, percent_encoding::NON_ALPHANUMERIC).into()
-}
-
 /// Serialization
 impl Url {
     /// Write this URL losslessly to `out`, ready to be parsed again.
@@ -350,6 +346,38 @@ impl Url {
     }
 
     fn write_canonical_form_to(&self, out: &mut dyn std::io::Write) -> std::io::Result<()> {
+        fn percent_encode(s: &str) -> Cow<'_, str> {
+            /// Characters that must be percent-encoded in the userinfo component of a URL.
+            ///
+            /// According to RFC 3986, userinfo can contain:
+            /// - unreserved characters: `A-Z a-z 0-9 - . _ ~`
+            /// - percent-encoded characters
+            /// - sub-delims: `! $ & ' ( ) * + , ; =`
+            /// - `:`
+            ///
+            /// This encode-set encodes everything else, particularly `@` (userinfo delimiter),
+            /// `/` `?` `#` (path/query/fragment delimiters), and various other special characters.
+            const USERINFO_ENCODE_SET: &percent_encoding::AsciiSet = &percent_encoding::CONTROLS
+                .add(b' ')
+                .add(b'"')
+                .add(b'#')
+                .add(b'%')
+                .add(b'/')
+                .add(b'<')
+                .add(b'>')
+                .add(b'?')
+                .add(b'@')
+                .add(b'[')
+                .add(b'\\')
+                .add(b']')
+                .add(b'^')
+                .add(b'`')
+                .add(b'{')
+                .add(b'|')
+                .add(b'}');
+            percent_encoding::utf8_percent_encode(s, USERINFO_ENCODE_SET).into()
+        }
+
         out.write_all(self.scheme.as_str().as_bytes())?;
         out.write_all(b"://")?;
         match (&self.user, &self.host) {

gix-url/tests/fixtures/make_baseline.sh

@@ -15,7 +15,7 @@ tests_windows=()
 for path in "repo" "re:po" "re/po"; do
   # normal urls
   for protocol in "ssh+git" "git+ssh" "git" "ssh"; do
-    for host in "host" "user@host" "user_name@host" "user@[::1]" "user@::1"; do
+    for host in "host" "user@host" "user_name@host" "user.name@host" "user@[::1]" "user@::1"; do
       for port_separator in "" ":"; do
         tests+=("$protocol://$host$port_separator/$path")
 

gix-url/tests/url/baseline.rs

@@ -84,7 +84,7 @@ fn run() {
     }
 
     assert!(
-        failure_count_reserialization <= 63,
+        failure_count_reserialization <= 72,
         "the number of reserialization errors should ideally get better, not worse - if this panic is not due to regressions but to new passing test cases, you can set this check to {failure_count_reserialization}"
     );
     assert_eq!(failure_count_roundtrips, 0, "there should be no roundtrip errors");
@@ -185,8 +185,8 @@ mod baseline {
 
         pub fn max_num_failures(&self) -> usize {
             match self {
-                Kind::Unix => 195,
-                Kind::Windows => 195 + 6,
+                Kind::Unix => 222,
+                Kind::Windows => 222 + 6,
             }
         }
 

gix-url/tests/url/parse/http.rs

@@ -94,3 +94,27 @@ fn http_missing_path() -> crate::Result {
     assert_url("http://host.xz", url(Scheme::Http, None, "host.xz", None, b"/"))?;
     Ok(())
 }
+
+#[test]
+fn username_with_dot_is_not_percent_encoded() -> crate::Result {
+    assert_url_roundtrip(
+        "http://[email protected]/repo",
+        url(Scheme::Http, "user.name", "example.com", None, b"/repo"),
+    )
+}
+
+#[test]
+fn password_with_dot_is_not_percent_encoded() -> crate::Result {
+    assert_url_roundtrip(
+        "http://user:[email protected]/repo",
+        url_with_pass(Scheme::Http, "user", "pass.word", "example.com", None, b"/repo"),
+    )
+}
+
+#[test]
+fn username_and_password_with_dots_are_not_percent_encoded() -> crate::Result {
+    assert_url_roundtrip(
+        "http://user.name:[email protected]/repo",
+        url_with_pass(Scheme::Http, "user.name", "pass.word", "example.com", None, b"/repo"),
+    )
+}

gix-url/tests/url/parse/ssh.rs

@@ -55,6 +55,14 @@ fn with_user_and_without_port() -> crate::Result {
     )
 }
 
+#[test]
+fn username_with_dot_is_not_percent_encoded() -> crate::Result {
+    assert_url_roundtrip(
+        "ssh://[email protected]/.git",
+        url(Scheme::Ssh, "user.name", "host.xz", None, b"/.git"),
+    )
+}
+
 #[test]
 fn with_user_and_port_and_absolute_path() -> crate::Result {
     assert_url_roundtrip(