Re: [git-users] Git push URL encoding issue
On Thu, 3 Sep 2015 10:01:01 -0700 (PDT) Bideep Bezbaruahwrote: > This is a service consumed by many users and there is a validation > requirement where every user trying to use this service, needs to be > authenticated against the repo that is passed. For ex: User '23784' > needs to be authenticated against > https://github.company.com/abcd/devrepo URL before allowing to > proceed further. Yes, this is quite obvious. This is how any single-pass authentication works. ;-) > I know about the security concern and also this > works with GitHub access tokens and even with passwords without > special characters. Just trying to see if there is a way to make it > work with encoded password. May be I failed to convey my question properly, but *normally* you don't encode credentials into URLs when working with Git, and instead you're either using the so-called "netrc" file for libcurl (a library used by Git to access repos via http[s]://) or a credential helper -- a program which supplies Git with credentials (which it obtains from whatever medium it is taught to operate with). So the question remains: why are you trying to solve this problem asswards instead of just doing what everyone else normally do? And so may be it's just simpler to learn about the netrc file and use it -- hence forgoing the original problem completely? -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] Git push URL encoding issue
On Thu, 3 Sep 2015 09:24:40 -0700 (PDT) Bideep Bezbaruahwrote: > I have a use case to push files to git using command like: > > git push https://:github.company.com/abcd/devrepo > > master:master > > But, if the password contains special characters like ‘@’ and ‘$’, I > am converting it to hex code like ‘%40’ and %24. > > So, the URL looks like > > https://23784:abcd%40%241...@github.company.com/abcd/devrepo > > I was thinking it should work since I am encoding the special > character, but it throws 403 error everytime. This works fine for > password without special characters where we don’t need to encode any > characters. Before we'll try to do something about this... Your approach stinks security-wise. Are you sure you really do have no technical possibility to use ~/.netrc or a custom Git credential helper to make this work without encoding credentials into URLs? -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] Git push URL encoding issue
This is a service consumed by many users and there is a validation requirement where every user trying to use this service, needs to be authenticated against the repo that is passed. For ex: User '23784' needs to be authenticated against https://github.company.com/abcd/devrepo URL before allowing to proceed further. I know about the security concern and also this works with GitHub access tokens and even with passwords without special characters. Just trying to see if there is a way to make it work with encoded password. On Thursday, 3 September 2015 12:44:02 UTC-4, Konstantin Khomoutov wrote: > > On Thu, 3 Sep 2015 09:24:40 -0700 (PDT) > Bideep Bezbaruahwrote: > > > I have a use case to push files to git using command like: > > > > git push https://:github.company.com/abcd/devrepo > > > master:master > > > > But, if the password contains special characters like ‘@’ and ‘$’, I > > am converting it to hex code like ‘%40’ and %24. > > > > So, the URL looks like > > > > https://23784:abcd%40%241...@github.company.com/abcd/devrepo > > > > I was thinking it should work since I am encoding the special > > character, but it throws 403 error everytime. This works fine for > > password without special characters where we don’t need to encode any > > characters. > > Before we'll try to do something about this... > > Your approach stinks security-wise. Are you sure you really do have no > technical possibility to use ~/.netrc or a custom Git credential helper > to make this work without encoding credentials into URLs? > -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.