more specific regex for basic auth
Aaron Loo committed Dec 1, 2018
1 parent 839f02b commit 89ff594
Showing 2 changed files with 6 additions and 1 deletion.
6 changes: 5 additions & 1 deletion detect_secrets/plugins/basic_auth.py
@@ -6,8 +6,12 @@
from detect_secrets.core.potential_secret import PotentialSecret


SPECIAL_URL_CHARACTERS = ':/?#[]@'
BASIC_AUTH_REGEX = re.compile(
r'://[^:]+:([^@]+)@',
r'://[^{}\s]+:([^{}\s]+)@'.format(
re.escape(SPECIAL_URL_CHARACTERS),
re.escape(SPECIAL_URL_CHARACTERS),
),
)


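Review bot: The password capture group in the new `BASIC_AUTH_REGEX` excludes every character in `SPECIAL_URL_CHARACTERS`, so a credential whose password contains a raw `:`, `/`, `?` or `#` no longer matches, and the scanner stays silent on it instead of flagging it. RFC 3986 permits an unencoded `:` inside userinfo, and hand-written connection strings often leave the other characters unencoded as well, so the change trades the template false positive for false negatives in a secret detector. Consider keeping `:` allowed in the password class, for example by passing `re.escape(SPECIAL_URL_CHARACTERS.replace(':', ''))` as the second `format` argument; the `localhost:5000/<%= @variable %>` case still fails to match because `/` stays excluded. A comment above the pattern such as `# Passwords with unencoded '/', '?', '#' are intentionally not matched (false-positive tradeoff)` would make the remaining gap explicit.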
1 change: 1 addition & 0 deletions tests/plugins/basic_auth_test.py
@@ -11,6 +11,7 @@ class TestBasicAuthDetector(object):
'payload, should_flag',
[
('https://username:password@yelp.com', True,),
('http://localhost:5000/<%= @variable %>', False,),
],
)
def test_analyze_string(self, payload, should_flag):
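Review bot: The only case added to the parametrize list is a negative one, so nothing here pins what the narrower `BASIC_AUTH_REGEX` must still detect. Add positive entries next to the `yelp.com` one, for instance a percent-encoded password such as `('https://username:p%40ssword@example.com', True,),` (constructed sample). Also add an entry that records the expected result for a password containing a raw `:` or `/`, so that any loss of detection is a visible, reviewed decision rather than a side effect. The body of `test_analyze_string` lies outside the hunk, so how `should_flag` is asserted is not visible here.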
