Skip to content

Commit b099bb3

Browse files
mislavmislav
committed
api command: accept full URLs as path input
This is to allow file uploads to `https://uploads.github.com`
1 parent b329919 commit b099bb3

File tree

2 files changed

+19
-5
lines changed

2 files changed

+19
-5
lines changed

api/client.go

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,11 @@ func NewClient(opts ...ClientOption) *Client {
3535
func AddHeader(name, value string) ClientOption {
3636
return func(tr http.RoundTripper) http.RoundTripper {
3737
return &funcTripper{roundTrip: func(req *http.Request) (*http.Response, error) {
38-
req.Header.Add(name, value)
38+
// prevent the token from leaking to non-GitHub hosts
39+
// TODO: GHE support
40+
if !strings.EqualFold(name, "Authorization") || strings.HasSuffix(req.URL.Hostname(), ".github.com") {
41+
req.Header.Add(name, value)
42+
}
3943
return tr.RoundTrip(req)
4044
}}
4145
}
@@ -45,7 +49,11 @@ func AddHeader(name, value string) ClientOption {
4549
func AddHeaderFunc(name string, value func() string) ClientOption {
4650
return func(tr http.RoundTripper) http.RoundTripper {
4751
return &funcTripper{roundTrip: func(req *http.Request) (*http.Response, error) {
48-
req.Header.Add(name, value())
52+
// prevent the token from leaking to non-GitHub hosts
53+
// TODO: GHE support
54+
if !strings.EqualFold(name, "Authorization") || strings.HasSuffix(req.URL.Hostname(), ".github.com") {
55+
req.Header.Add(name, value())
56+
}
4957
return tr.RoundTrip(req)
5058
}}
5159
}

pkg/cmd/api/http.go

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,16 +11,22 @@ import (
1111
)
1212

1313
func httpRequest(client *http.Client, method string, p string, params interface{}, headers []string) (*http.Response, error) {
14+
var requestURL string
1415
// TODO: GHE support
15-
url := "https://api.github.com/" + p
16+
if strings.Contains(p, "://") {
17+
requestURL = p
18+
} else {
19+
requestURL = "https://api.github.com/" + p
20+
}
21+
1622
var body io.Reader
1723
var bodyIsJSON bool
1824
isGraphQL := p == "graphql"
1925

2026
switch pp := params.(type) {
2127
case map[string]interface{}:
2228
if strings.EqualFold(method, "GET") {
23-
url = addQuery(url, pp)
29+
requestURL = addQuery(requestURL, pp)
2430
} else {
2531
for key, value := range pp {
2632
switch vv := value.(type) {
@@ -46,7 +52,7 @@ func httpRequest(client *http.Client, method string, p string, params interface{
4652
return nil, fmt.Errorf("unrecognized parameters type: %v", params)
4753
}
4854

49-
req, err := http.NewRequest(method, url, body)
55+
req, err := http.NewRequest(method, requestURL, body)
5056
if err != nil {
5157
return nil, err
5258
}

0 commit comments

Comments
 (0)