Merge branch 'uri-userinfo-enc' into 'master'

uri: do not encode ':' and ';' from userinfo

See merge request GNOME/glib!1600

glib/guri.c

@@ -1330,6 +1330,7 @@ g_uri_resolve_relative (const gchar  *base_uri_string,
 static gchar *
 g_uri_join_internal (GUriFlags    flags,
                      const gchar *scheme,
+                     gboolean     userinfo,
                      const gchar *user,
                      const gchar *password,
                      const gchar *auth_params,
@@ -1355,11 +1356,14 @@ g_uri_join_internal (GUriFlags    flags,
             g_string_append (str, user);
           else
             {
-              /* Encode ':' and ';' regardless of whether we have a
-               * password or auth params, since it may be parsed later
-               * under the assumption that it does.
-               */
-              g_string_append_uri_escaped (str, user, USER_ALLOWED_CHARS, TRUE);
+              if (userinfo)
+                g_string_append_uri_escaped (str, user, USERINFO_ALLOWED_CHARS, TRUE);
+              else
+                /* Encode ':' and ';' regardless of whether we have a
+                 * password or auth params, since it may be parsed later
+                 * under the assumption that it does.
+                 */
+                g_string_append_uri_escaped (str, user, USER_ALLOWED_CHARS, TRUE);
             }
 
           if (password)
@@ -1469,7 +1473,7 @@ g_uri_join (GUriFlags    flags,
 
   return g_uri_join_internal (flags,
                               scheme,
-                              userinfo, NULL, NULL,
+                              TRUE, userinfo, NULL, NULL,
                               host,
                               port,
                               path,
@@ -1521,7 +1525,7 @@ g_uri_join_with_user (GUriFlags    flags,
 
   return g_uri_join_internal (flags,
                               scheme,
-                              user, password, auth_params,
+                              FALSE, user, password, auth_params,
                               host,
                               port,
                               path,
@@ -1591,7 +1595,10 @@ g_uri_build (GUriFlags    flags,
  * @query: (nullable): the query component, or %NULL
  * @fragment: (nullable): the fragment, or %NULL
  *
- * Creates a new #GUri from the given components according to @flags.
+ * Creates a new #GUri from the given components according to @flags
+ * (%G_URI_FLAGS_HAS_PASSWORD is added unconditionally). The @flags must be
+ * coherent with the passed values, in particular use `%`-encoded values with
+ * %G_URI_FLAGS_ENCODED.
 
  * In constrast to g_uri_build(), this allows specifying the components
  * of the "userinfo" field separately. Note that @user must be non-%NULL
@@ -1623,7 +1630,7 @@ g_uri_build_with_user (GUriFlags    flags,
   g_return_val_if_fail (path != NULL, NULL);
 
   uri = g_atomic_rc_box_new0 (GUri);
-  uri->flags = flags;
+  uri->flags = flags | G_URI_FLAGS_HAS_PASSWORD;
   uri->scheme = g_ascii_strdown (scheme, -1);
   uri->user = g_strdup (user);
   uri->password = g_strdup (password);
@@ -1636,33 +1643,19 @@ g_uri_build_with_user (GUriFlags    flags,
 
   if (user)
     {
-      userinfo = g_string_new (NULL);
-      if (flags & G_URI_FLAGS_ENCODED)
-        g_string_append (userinfo, uri->user);
-      else
-        g_string_append_uri_escaped (userinfo, uri->user, USER_ALLOWED_CHARS, TRUE);
+      userinfo = g_string_new (user);
       if (password)
         {
           g_string_append_c (userinfo, ':');
-          if (flags & G_URI_FLAGS_ENCODED)
-            g_string_append (userinfo, uri->password);
-          else
-            g_string_append_uri_escaped (userinfo, uri->password,
-                                         PASSWORD_ALLOWED_CHARS, TRUE);
+          g_string_append (userinfo, uri->password);
         }
       if (auth_params)
         {
           g_string_append_c (userinfo, ';');
-          if (flags & G_URI_FLAGS_ENCODED)
-            g_string_append (userinfo, uri->auth_params);
-          else
-            g_string_append_uri_escaped (userinfo,
-                                         uri->auth_params, AUTH_PARAMS_ALLOWED_CHARS, TRUE);
+          g_string_append (userinfo, uri->auth_params);
         }
       uri->userinfo = g_string_free (userinfo, FALSE);
     }
-  else
-    uri->userinfo = NULL;
 
   return uri;
 }

glib/tests/uri.c

@@ -921,27 +921,27 @@ test_uri_to_string (void)
   uri = g_uri_build_with_user (G_URI_FLAGS_NONE, "scheme", "user", "pass", "auth", "host", 1234,
                                "/path", "query", "fragment");
   tostring = g_uri_to_string (uri);
-  g_assert_cmpstr (tostring, ==, "scheme://user%3Apass%3Bauth@host:1234/path?query#fragment");
+  g_assert_cmpstr (tostring, ==, "scheme://user:pass;auth@host:1234/path?query#fragment");
   g_free (tostring);
   tostring = g_uri_to_string_partial (uri, G_URI_HIDE_USERINFO);
   g_assert_cmpstr (tostring, ==, "scheme://host:1234/path?query#fragment");
   g_free (tostring);
   tostring = g_uri_to_string_partial (uri, G_URI_HIDE_FRAGMENT);
-  g_assert_cmpstr (tostring, ==, "scheme://user%3Apass%3Bauth@host:1234/path?query");
+  g_assert_cmpstr (tostring, ==, "scheme://user:pass;auth@host:1234/path?query");
   g_free (tostring);
   g_uri_unref (uri);
 
   uri = g_uri_build_with_user (G_URI_FLAGS_HAS_PASSWORD|G_URI_FLAGS_HAS_AUTH_PARAMS,
-                               "scheme", "user", "pass", "auth", "host", 1234,
+                               "scheme", "us:er", "pass", "auth", "host", 1234,
                                "/path", "query", "fragment");
   tostring = g_uri_to_string (uri);
-  g_assert_cmpstr (tostring, ==, "scheme://user:pass;auth@host:1234/path?query#fragment");
+  g_assert_cmpstr (tostring, ==, "scheme://us%3Aer:pass;auth@host:1234/path?query#fragment");
   g_free (tostring);
   tostring = g_uri_to_string_partial (uri, G_URI_HIDE_PASSWORD);
-  g_assert_cmpstr (tostring, ==, "scheme://user;auth@host:1234/path?query#fragment");
+  g_assert_cmpstr (tostring, ==, "scheme://us%3Aer;auth@host:1234/path?query#fragment");
   g_free (tostring);
   tostring = g_uri_to_string_partial (uri, G_URI_HIDE_AUTH_PARAMS);
-  g_assert_cmpstr (tostring, ==, "scheme://user:pass@host:1234/path?query#fragment");
+  g_assert_cmpstr (tostring, ==, "scheme://us%3Aer:pass@host:1234/path?query#fragment");
   g_free (tostring);
   g_uri_unref (uri);
 }
@@ -974,7 +974,7 @@ test_uri_build (void)
                                "authparams", "host", 1234,
                                "/path", "query", "fragment");
 
-  g_assert_cmpint (g_uri_get_flags (uri), ==, G_URI_FLAGS_NON_DNS);
+  g_assert_cmpint (g_uri_get_flags (uri), ==, G_URI_FLAGS_NON_DNS | G_URI_FLAGS_HAS_PASSWORD);
   g_assert_cmpstr (g_uri_get_scheme (uri), ==, "scheme");
   g_assert_cmpstr (g_uri_get_userinfo (uri), ==, "user:password;authparams");
   g_assert_cmpstr (g_uri_get_host (uri), ==, "host");
@@ -987,6 +987,12 @@ test_uri_build (void)
   g_assert_cmpstr (g_uri_get_auth_params (uri), ==, "authparams");
   g_uri_unref (uri);
 
+  uri = g_uri_build_with_user (G_URI_FLAGS_NONE, "scheme", "user\001", "password\002",
+                               "authparams\003", "host", 1234,
+                               "/path", "query", "fragment");
+  g_assert_cmpstr (g_uri_get_userinfo (uri), ==, "user\001:password\002;authparams\003");
+  g_uri_unref (uri);
+
   uri = g_uri_build_with_user (G_URI_FLAGS_ENCODED, "scheme", "user%01", "password%02",
                                "authparams%03", "host", 1234,
                                "/path", "query", "fragment");
@@ -1425,6 +1431,10 @@ test_uri_join (void)
 {
   gchar *uri = NULL;
 
+  uri = g_uri_join (G_URI_FLAGS_NONE, "foo", "some:user@info", "bar", -1, "", NULL, NULL);
+  g_assert_cmpstr (uri, ==, "foo://some:user%40info@bar");
+  g_free (uri);
+
   uri = g_uri_join_with_user (G_URI_FLAGS_NONE, "scheme", "user\001", "pass\002", "authparams\003",
                               "host", 9876, "/path", "query", "fragment");
   g_assert_cmpstr (uri, ==, "scheme://user%01:pass%02;authparams%03@host:9876/path?query#fragment");