Allow HTTP connections to fetch database #2332
Conversation
extensions/ql-vscode/package.json
Outdated
| "codeQL.allowHttp": { | ||
| "type": "boolean", | ||
| "default": false, | ||
| "description": "Allow databases to be downloaded via HTTP" |
There was a problem hiding this comment.
| "description": "Allow databases to be downloaded via HTTP" | |
| "description": "Allow databases to be downloaded via HTTP. Warning: enabling this option will allow downloading from insecure servers." |
extensions/ql-vscode/package.json
Outdated
| @@ -293,6 +293,11 @@ | |||
| "scope": "window", | |||
| "minimum": 0, | |||
| "description": "Report a warning for any join order whose metric exceeds this value." | |||
| }, | |||
| "codeQL.allowHttp": { | |||
There was a problem hiding this comment.
Please make it clear that this is related to database downloads only.
| "codeQL.allowHttp": { | |
| "codeQL.databaseDownload.allowHttp": { |
extensions/ql-vscode/src/config.ts
Outdated
| export const ALLOW_HTTP = new Setting( | ||
| "allowHttp", | ||
| ROOT_SETTING, | ||
| ); |
There was a problem hiding this comment.
| export const ALLOW_HTTP = new Setting( | |
| "allowHttp", | |
| ROOT_SETTING, | |
| ); | |
| const DATABASE_DOWNLOAD_SETTING = new Setting("databaseDownload", ROOT_SETTING); | |
| export const ALLOW_HTTP_SETTING = new Setting( | |
| "allowHttp", | |
| DATABASE_DOWNLOAD_SETTING, | |
| ); |
| @@ -27,6 +27,7 @@ import { | |||
| } from "./common/github-url-identifier-helper"; | |||
| import { Credentials } from "./common/authentication"; | |||
| import { AppCommandManager } from "./common/commands"; | |||
| import { ALLOW_HTTP } from "./config"; | |||
There was a problem hiding this comment.
| import { ALLOW_HTTP } from "./config"; | |
| import { ALLOW_HTTP_SETTING } from "./config"; |
| @@ -49,7 +50,9 @@ export async function promptImportInternetDatabase( | |||
| return; | |||
| } | |||
|
|
|||
| validateHttpsUrl(databaseUrl); | |||
| if (!ALLOW_HTTP.getValue()) { | |||
There was a problem hiding this comment.
| if (!ALLOW_HTTP.getValue()) { | |
| if (!ALLOW_HTTP_SETTING.getValue()) { |
There was a problem hiding this comment.
Actually, on a deeper thought, can you push this check into the validateHttpsUrl method? Rename the method to validateUrl? This method parses the URL as well as check for https. It's probably better to continue to check that the URL parses regardless of whether or not it is https.
Something like this maybe:
function validateUrl(databaseUrl: string) {
let uri;
try {
uri = Uri.parse(databaseUrl, true);
} catch (e) {
throw new Error(`Invalid url: ${databaseUrl}`);
}
if (!ALLOW_HTTP_SETTING.getValue() && uri.scheme !== "https") {
throw new Error("Must use https for downloading a database.");
}
}
|
All changes made and fixed the linting issue from before. Ready for review |
Introduce a new config option to allow requests over HTTP when fetching a database from a URL.
|
I pushed a few minor changes to your branch: changelog note, typo fix in config description, and invalid variable reference fix. |
|
Awesome. Changes look good. Anything else you need from me? |
|
Nope. Let's wait for the checks to pass... |
Introduce a new config option to allow requests over HTTP when fetching a database from a URL.
Closes #2324
Checklist
ready-for-doc-reviewlabel there.