lint: improve HTTPS check

It was missing some domains, so I added another rule. @IzzySoft pointed out it was redudnant, so this removes the redudant rule and fixes the original. https://gitlab.com/fdroid/fdroidserver/merge_requests/681/diffs#note_225263464
2019-10-03 23:46:34 +02:00 · 2019-10-03 23:46:34 +02:00 · 3801db064a
parent a8b7342e4c
commit 3801db064a
2 changed files with 6 additions and 6 deletions
--- a/fdroidserver/lint.py
+++ b/fdroidserver/lint.py
@ -33,7 +33,7 @@ options = None


 def enforce_https(domain):
-    return (re.compile(r'^[^h][^t][^t][^p][^s]://[^/]*' + re.escape(domain) + r'(/.*)?', re.IGNORECASE),
+    return (re.compile(r'^http://([^/]*\.)?' + re.escape(domain) + r'(/.*)?', re.IGNORECASE),
            domain + " URLs should always use https://")


@ -122,11 +122,9 @@ http_url_shorteners = [
 http_checks = https_enforcings + http_url_shorteners + [
    (re.compile(r'^(?!https?://)[^/]+'),
     _("URL must start with https:// or http://")),
-    (re.compile(r'^http://[^.]+\.(github|gitlab)\.io/'),
-     _("URL must start with https://")),
    (re.compile(r'^https://(github|gitlab)\.com(/[^/]+){2,3}\.git'),
     _("Appending .git is not necessary")),
-    (re.compile(r'^https://[^/]*(github|gitlab|bitbucket|rawgit)\.[a-zA-Z]+/([^/]+/){2,3}master/'),
+    (re.compile(r'^https://[^/]*(github|gitlab|bitbucket|rawgit|githubusercontent)\.[a-zA-Z]+/([^/]+/){2,3}master/'),
     _("Use /HEAD instead of /master to point at a file in the default branch")),
 ]

--- a/tests/lint.TestCase
+++ b/tests/lint.TestCase
@ -102,20 +102,22 @@ class LintTest(unittest.TestCase):

        bad_urls = [
            'github.com/my/proj',
+            'http://github.com/not/secure',
            'https://github.com/foo/bar.git',
            'https://gitlab.com/group/subgroup/project.git',
            'https://raw.githubusercontent.com/Seva-coder/Finder/master/ChangeLog.txt',
            'https://github.com/scoutant/blokish/blob/master/README.md#changelog',
            'http://htmlpreview.github.io/?https://github.com/my/project/blob/HEAD/index.html',
+            'http://fdroid.gitlab.io/fdroid-website',
        ]
-        anywarns = False
        logging.debug('bad urls:')
        for url in bad_urls:
+            anywarns = False
            app['SourceCode'] = url
            for warn in fdroidserver.lint.check_regexes(app):
                anywarns = True
                logging.debug(warn)
-        self.assertTrue(anywarns)
+            self.assertTrue(anywarns, url + " does not fail lint!")

    def test_check_app_field_types(self):
        config = dict()