Properly encode the Redis password component in the URL (!2999) · Merge requests · GitLab.org / omnibus-gitlab

Stan Hu requested to merge sh-encode-redis-password-in-url into master Jan 27, 2019

Passing in non-alphanumeric passwords, such as #, as a password would fail to parse properly in the GitLab CE Redis wrapper because the password component was not valid.

This merge request changes two things:

Change the custom redis:// URI handler to enforce that the Redis password conforms to RFC 2396. This is done in the standard HTTP URI handler already (https://github.com/ruby/ruby/blob/v2_5_3/lib/uri/generic.rb#L431-L433), but it was not done in the Redis URI implementation.
Encodes the password component when building the Redis URL.

Closes #3288 (closed)

Edited Nov 17, 2021 by GitLab Release Tools Bot

Properly encode the Redis password component in the URL

Merge request reports