core: test for URI escaping

2015-07-06 16:26:06 -06:00 · 2015-07-06 16:26:06 -06:00 · 6c06db776d
parent 92e6062f8d
commit 6c06db776d
2 changed files with 22 additions and 1 deletions
--- a/lib/vagrant/util/downloader.rb
+++ b/lib/vagrant/util/downloader.rb
@ -27,7 +27,7 @@ module Vagrant
        @destination = destination.to_s

        begin
-          url = URI.parse(URI.escape(@source))
+          url = URI.parse(@source)
          if url.scheme && url.scheme.start_with?("http") && url.user
            auth = "#{URI.unescape(url.user)}"
            auth += ":#{URI.unescape(url.password)}" if url.password
--- a/test/unit/vagrant/util/downloader_test.rb
+++ b/test/unit/vagrant/util/downloader_test.rb
@ -72,6 +72,27 @@ describe Vagrant::Util::Downloader do
        expect(subject.download!).to be_true
      end
    end
+
+    context "with an urlescaped username and password" do
+      it "downloads the file with unescaped credentials" do
+        original_source = source
+        source  = "http://fo%5Eo:b%40r@baz.com/box.box"
+        subject = described_class.new(source, destination)
+
+        i = curl_options.index(original_source)
+        curl_options[i] = "http://baz.com/box.box"
+
+        i = curl_options.index("--output")
+        curl_options.insert(i, "fo^o:b@r")
+        curl_options.insert(i, "-u")
+
+        expect(Vagrant::Util::Subprocess).to receive(:execute).
+          with("curl", *curl_options).
+          and_return(subprocess_result)
+
+        expect(subject.download!).to be_true
+      end
+    end
  end

  describe "#head" do