From 31ecf5ec7401adfb6b041aafa2e231f8d485401f Mon Sep 17 00:00:00 2001 From: Robin Munn Date: Mon, 10 Feb 2025 15:34:20 -0500 Subject: [PATCH 1/3] Correctly encode password in ServerSettingsModel The x-www-form-urlencoded MIME type says that we're URL-encoding the password, so we need to actually URL-encode the password if we want it to be handled correctly at the other end. --- src/LibChorus/Model/ServerSettingsModel.cs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/LibChorus/Model/ServerSettingsModel.cs b/src/LibChorus/Model/ServerSettingsModel.cs index eefb527a..71e4ceef 100644 --- a/src/LibChorus/Model/ServerSettingsModel.cs +++ b/src/LibChorus/Model/ServerSettingsModel.cs @@ -4,6 +4,7 @@ using System.Net; using System.Security.Cryptography; using System.Text; +using System.Web; using Chorus.Properties; using Chorus.Utilities; using Chorus.VcsDrivers; @@ -335,7 +336,7 @@ private WebResponse LogIn() var privateQuery = IsPrivateServer ? "?private=true" : string.Empty; var request = WebRequest.Create($"https://admin{LanguageForgeServer}/api/user/{Username}/projects{privateQuery}"); request.Method = "POST"; - var passwordBytes = Encoding.UTF8.GetBytes($"password={Password}"); + var passwordBytes = Encoding.UTF8.GetBytes($"password={HttpUtility.UrlEncode(Password)}"); request.ContentType = "application/x-www-form-urlencoded"; request.ContentLength = passwordBytes.Length; var passwordStream = request.GetRequestStream(); From 10c8ca35654552100fe8189efd760020fab20075 Mon Sep 17 00:00:00 2001 From: Robin Munn Date: Thu, 13 Feb 2025 17:47:38 -0500 Subject: [PATCH 2/3] Add CHANGELOG entry for this bugfix --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 42823738..bc99598f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,6 +31,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). ### Fixed - Prevent S&R to Internet without full URL +- [SIL.Chorus.LibChorus] Correctly handle & and other special characters in passwords ## [5.1.0] - 2023-03-07 From 225c2993309521d1dea05700cbdd61469e1146c0 Mon Sep 17 00:00:00 2001 From: Robin Munn Date: Fri, 14 Feb 2025 14:05:30 -0500 Subject: [PATCH 3/3] ubuntu-latest is 24.04 now, we still need 22.04 We still need a python2 package which 24.04 no longer offers, so run this on 22.04 until the need for the python2 package goes away. --- .github/workflows/ci+cd.yml | 10 +++++----- .github/workflows/test-results.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci+cd.yml b/.github/workflows/ci+cd.yml index a3e79c14..a26a9df7 100644 --- a/.github/workflows/ci+cd.yml +++ b/.github/workflows/ci+cd.yml @@ -11,7 +11,7 @@ on: jobs: event_file: name: "Event File" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Upload uses: actions/upload-artifact@v4 @@ -25,11 +25,11 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-latest, windows-latest] + os: [ubuntu-22.04, windows-latest] framework: [net462, net8.0] exclude: # dotnet on Linux cannot build net461 without additional, unnecessary, work - - os: ubuntu-latest + - os: ubuntu-22.04 framework: net462 concurrency: group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}-${{ matrix.framework }} @@ -55,7 +55,7 @@ jobs: - name: Install python2 for test execution run: sudo apt-get install python2 - if: matrix.os == 'ubuntu-latest' + if: matrix.os == 'ubuntu-22.04' - name: Test Chorus run: dotnet test src/Chorus.Tests/Chorus.Tests.csproj -f ${{ matrix.framework }} --no-build -c Release --filter TestCategory!=SkipOnBuildServer -- NUnit.TestOutputXml=TestResults @@ -146,7 +146,7 @@ jobs: publish-nuget: name: "Publish NuGet package" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 needs: build-installers if: github.event_name == 'push' steps: diff --git a/.github/workflows/test-results.yml b/.github/workflows/test-results.yml index 24aac13f..f2f5056c 100644 --- a/.github/workflows/test-results.yml +++ b/.github/workflows/test-results.yml @@ -11,7 +11,7 @@ on: jobs: test-results: name: Test Results - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 if: github.event.workflow_run.conclusion != 'skipped' permissions: