Rewrite GitLab Link headers safely

Author: Benaiah

api/gitlab.go

@@ -122,14 +122,32 @@ func (gl *GitLabGateway) authenticate(w http.ResponseWriter, r *http.Request) er
 var gitlabLinkRegex = regexp.MustCompile("<(.*?)>")
 var gitlabLinkRelRegex = regexp.MustCompile("rel=\"(.*?)\"")
 
+func rewriteGitlabLinkEntry(linkEntry, endpointAPIURL, proxyAPIURL string) string {
+	linkAndRel := strings.Split(strings.TrimSpace(linkEntry), ";")
+	if len(linkAndRel) != 2 {
+		return linkEntry
+	}
+
+	linkMatch := gitlabLinkRegex.FindStringSubmatch(linkAndRel[0])
+	if len(linkMatch) < 2 {
+		return linkEntry
+	}
+
+	relMatch := gitlabLinkRelRegex.FindStringSubmatch(linkAndRel[1])
+	if len(relMatch) < 2 {
+		return linkEntry
+	}
+
+	proxiedLink := proxyAPIURL + strings.TrimPrefix(linkMatch[1], endpointAPIURL)
+	rel := relMatch[1]
+	return "<" + proxiedLink + ">; rel=\"" + rel + "\""
+}
+
 func rewriteGitlabLinks(linkHeader, endpointAPIURL, proxyAPIURL string) string {
 	linkEntries := strings.Split(linkHeader, ",")
-	finalLinkEntries := []string{}
-	for _, linkEntry := range linkEntries {
-		linkAndRel := strings.Split(strings.TrimSpace(linkEntry), ";")
-		link := proxyAPIURL + strings.TrimPrefix(gitlabLinkRegex.FindStringSubmatch(linkAndRel[0])[1], endpointAPIURL)
-		rel := gitlabLinkRelRegex.FindStringSubmatch(linkAndRel[1])[1]
-		finalLinkEntries = append(finalLinkEntries, "<"+link+">; rel=\""+rel+"\"")
+	finalLinkEntries := make([]string, len(linkEntries), len(linkEntries))
+	for i, linkEntry := range linkEntries {
+		finalLinkEntries[i] = rewriteGitlabLinkEntry(linkEntry, endpointAPIURL, proxyAPIURL)
 	}
 	finalLinkHeader := strings.Join(finalLinkEntries, ",")
 	return finalLinkHeader