#513 Undesirable restrictions on scmurl prefix
Closed: Fixed 5 years ago Opened 5 years ago by frostyx.

When submitting a module build from scmurl, there is a check whether the URL has an allowed prefix. See this code snippet from views.py

url = self.data["scmurl"]
if not any(url.startswith(prefix) for prefix in conf.scmurls):
    log.error("The submitted scmurl %r is not allowed" % url)
    raise Forbidden("The submitted scmurl %s is not allowed" % url)

My question is why we want to check such thing? It would be nice if people could build from private servers - at least when MockModuleBuilder or CoprModuleBuilder is used.

If the check is not required, we may want to remove it. Otherwise I would suggest some bool ALLOW_CUSTOM_SCMURLS variable in config which may be by default False if you want and adding it to the code above.

Another option is to support regexes in those prefixes list and for custom scmurls adding just * or something, but I don't like this option very much.

What are your thoughts about that? I am willing to implement it (it is very simple though), but I need some context for it.

+1 to bool for ALLOW_CUSTOM_URLS. We need the SCMURL check to ensure people build modules only from fedora dist-git in fedora.

You could also just put git:// in your configuration of conf.scmurls (which is effectively a wildcard). Would that work for you?

Thank you @ralph,

I think that it is not sufficient. What about URLs starting with http(s):// ?
I suggest PR#515 for solving this.

The PR#515 was merged, so I am closing this issue

Metadata Update from @frostyx:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

5 years ago

Login to comment on this ticket.