fix(integrations): phabricator host validation (#64882)

getsentry · Feb 8, 2024 · 6013463 · 6013463
1 parent d7ef6ef
commit 6013463
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 0 deletions.
diff --git a/src/sentry_plugins/phabricator/plugin.py b/src/sentry_plugins/phabricator/plugin.py
@@ -8,6 +8,7 @@
 
 from sentry.exceptions import PluginError
 from sentry.integrations import FeatureDescription, IntegrationFeatures
+from sentry.net.socket import is_valid_url
 from sentry.plugins.bases.issue2 import IssueGroupActionEndpoint, IssuePlugin2
 from sentry.utils import json
 from sentry.utils.http import absolute_uri
@@ -33,6 +34,12 @@ def query_to_result(field, result):
     return result["fields"]["name"]
 
 
+def validate_host(value: str, **kwargs: object) -> str:
+    if not value.startswith(("http://", "https://")) or not is_valid_url(value):
+        raise PluginError("Not a valid URL.")
+    return value
+
+
 class PhabricatorPlugin(CorePluginMixin, IssuePlugin2):
     description = DESCRIPTION
 
@@ -78,6 +85,7 @@ def get_configure_plugin_fields(self, request: Request, project, **kwargs):
                 "type": "text",
                 "placeholder": "e.g. http://secure.phabricator.org",
                 "required": True,
+                "validators": [validate_host],
             },
             secret_field,
             {

diff --git a/tests/sentry_plugins/phabricator/test_plugin.py b/tests/sentry_plugins/phabricator/test_plugin.py
@@ -2,8 +2,11 @@
 
 import responses
 from django.test import RequestFactory
+from pytest import raises
 
+from sentry.exceptions import PluginError
 from sentry.testutils.cases import PluginTestCase
+from sentry.testutils.helpers import override_blocklist
 from sentry_plugins.phabricator.plugin import PhabricatorPlugin
 
 
@@ -43,3 +46,14 @@ def test_is_configured(self):
         assert self.plugin.is_configured(None, self.project) is False
         self.plugin.set_option("certificate", "a-certificate", self.project)
         assert self.plugin.is_configured(None, self.project) is True
+
+    @override_blocklist("127.0.0.1")
+    def test_invalid_url(self):
+        with raises(PluginError):
+            self.plugin.validate_config_field(
+                project=self.project, name="host", value="ftp://example.com"
+            )
+        with raises(PluginError):
+            self.plugin.validate_config_field(
+                project=self.project, name="host", value="http://127.0.0.1"
+            )