diff --git a/python/ycm/client/base_request.py b/python/ycm/client/base_request.py index 707339612a..1b3e06b7e1 100644 --- a/python/ycm/client/base_request.py +++ b/python/ycm/client/base_request.py @@ -324,7 +324,10 @@ def _ValidateResponseObject( response, response_text ): def _BuildUri( handler ): - return ToBytes( urljoin( BaseRequest.server_location, handler ) ) + request_uri = urljoin( BaseRequest.server_location, handler ) + if urlparse( request_uri ).scheme not in ( 'http', 'https' ): + raise RuntimeError( 'Invalid URI scheme. Only http and https are allowed.' ) + return ToBytes( request_uri ) def MakeServerException( data ): diff --git a/python/ycm/tests/client/base_request_test.py b/python/ycm/tests/client/base_request_test.py index 1ad5a06034..75b0bd6357 100644 --- a/python/ycm/tests/client/base_request_test.py +++ b/python/ycm/tests/client/base_request_test.py @@ -18,10 +18,10 @@ from ycm.tests.test_utils import MockVimBuffers, MockVimModule, VimBuffer MockVimModule() -from hamcrest import assert_that, has_entry +from hamcrest import assert_that, has_entry, equal_to from unittest import TestCase from unittest.mock import patch -from ycm.client.base_request import BuildRequestData +from ycm.client.base_request import BuildRequestData, _BuildUri, BaseRequest class BaseRequestTest( TestCase ): @@ -40,3 +40,15 @@ def test_BuildRequestData_AddWorkingDirWithFileName( self, *args ): with MockVimBuffers( [ current_buffer ], [ current_buffer ] ): assert_that( BuildRequestData( current_buffer.number ), has_entry( 'working_dir', '/some/dir' ) ) + + + def test_BuildUri_ValidScheme( self ): + BaseRequest.server_location = 'http://localhost:1234' + assert_that( _BuildUri( 'handler' ), + equal_to( b'http://localhost:1234/handler' ) ) + + + def test_BuildUri_InvalidScheme( self ): + BaseRequest.server_location = 'http://localhost:1234' + with self.assertRaisesRegex( RuntimeError, 'Invalid URI scheme' ): + _BuildUri( 'file:///etc/passwd' )