Merge pull request #2332 from jrozner/http-database

Allow HTTP connections to fetch database
github · Apr 18, 2023 · 02f1482 · 02f1482
2 parents 70b4aac + d206003
commit 02f1482
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 3 deletions.
diff --git a/extensions/ql-vscode/CHANGELOG.md b/extensions/ql-vscode/CHANGELOG.md
@@ -2,6 +2,8 @@
 
 ## [UNRELEASED]
 
+- Add new configuration option to allow downloading databases from http, non-secure servers. [#2332](https://github.com/github/vscode-codeql/pull/2332)
+
 ## 1.8.2 - 12 April 2023
 
 - Fix bug where users could end up with the managed CodeQL CLI getting uninstalled during upgrades and not reinstalled. [#2294](https://github.com/github/vscode-codeql/pull/2294)

diff --git a/extensions/ql-vscode/package.json b/extensions/ql-vscode/package.json
@@ -293,6 +293,11 @@
           "scope": "window",
           "minimum": 0,
           "description": "Report a warning for any join order whose metric exceeds this value."
+        },
+        "codeQL.databaseDownload.allowHttp": {
+          "type": "boolean",
+          "default": false,
+          "description": "Allow database to be downloaded via HTTP. Warning: enabling this option will allow downloading from insecure servers."
         }
       }
     },

diff --git a/extensions/ql-vscode/src/config.ts b/extensions/ql-vscode/src/config.ts
@@ -608,3 +608,14 @@ export const CODESPACES_TEMPLATE = new Setting(
 export function isCodespacesTemplate() {
   return !!CODESPACES_TEMPLATE.getValue<boolean>();
 }
+
+const DATABASE_DOWNLOAD_SETTING = new Setting("databaseDownload", ROOT_SETTING);
+
+export const ALLOW_HTTP_SETTING = new Setting(
+  "allowHttp",
+  DATABASE_DOWNLOAD_SETTING,
+);
+
+export function allowHttp(): boolean {
+  return ALLOW_HTTP_SETTING.getValue<boolean>() || false;
+}
diff --git a/extensions/ql-vscode/src/databaseFetcher.ts b/extensions/ql-vscode/src/databaseFetcher.ts
@@ -27,6 +27,7 @@ import {
 } from "./common/github-url-identifier-helper";
 import { Credentials } from "./common/authentication";
 import { AppCommandManager } from "./common/commands";
+import { ALLOW_HTTP_SETTING } from "./config";
 
 /**
  * Prompts a user to fetch a database from a remote location. Database is assumed to be an archive file.
@@ -49,7 +50,7 @@ export async function promptImportInternetDatabase(
     return;
   }
 
-  validateHttpsUrl(databaseUrl);
+  validateUrl(databaseUrl);
 
   const item = await databaseArchiveFetcher(
     databaseUrl,
@@ -356,15 +357,15 @@ async function getStorageFolder(storagePath: string, urlStr: string) {
   return folderName;
 }
 
-function validateHttpsUrl(databaseUrl: string) {
+function validateUrl(databaseUrl: string) {
   let uri;
   try {
     uri = Uri.parse(databaseUrl, true);
   } catch (e) {
     throw new Error(`Invalid url: ${databaseUrl}`);
   }
 
-  if (uri.scheme !== "https") {
+  if (!ALLOW_HTTP_SETTING.getValue() && uri.scheme !== "https") {
     throw new Error("Must use https for downloading a database.");
   }
 }