Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-05-14 21:47:38 +02:00
Code Issues Activity

Restrict abbreviated hash matching to commit URLs

Browse Source 
For short hashes (< 40 chars), only match URLs with /commit/ path
segment to avoid false positives like src/main/20260304.txt being
rendered as commit links.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
silverwind 2026-03-01 12:51:12 +01:00
parent e73752bee6
commit 5c3929a442
No known key found for this signature in database
GPG Key ID: 2E62B41C93869443
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/markup/html_commit.go
View File

@ -75,6 +75,11 @@ func anyHashPatternExtract(s string) (ret anyHashPatternResult, ok bool) {
}
ret.CommitID = s[m[pos]:m[pos+1]]
// For abbreviated hashes (< 40 chars), only match commit URLs to avoid
// false positives like "http://host/org/repo/src/main/20260304.txt"
if len(ret.CommitID) < 40 && !strings.HasSuffix(s[ret.PosStart:m[pos]], "/commit/") {
return ret, false
}
pos += 2
ret.CommitExt = s[m[pos]:m[pos+1]]

3
modules/markup/html_internal_test.go
View File

@ -382,6 +382,9 @@ func TestRegExp_anySHA1Pattern(t *testing.T) {
"https://github.com/jquery/jquery/commit/0705be4": {
CommitID: "0705be4",
},
// short hex strings in non-commit URLs should not match
"http://localhost:3000/foo/bar/src/main/20260304.txt": {},
"http://localhost:3000/foo/bar/blob/main/abcdef1/file": {},
"non-url": {},
"http://a/b/c/d/e/1234567812345678123456781234567812345678123456781234567812345678?a=b#L1-L2": {
CommitID: "1234567812345678123456781234567812345678123456781234567812345678",