Skip to content

Commit 02f1482

Browse files
authored
Merge pull request #2332 from jrozner/http-database
Allow HTTP connections to fetch database
2 parents 70b4aac + d206003 commit 02f1482

File tree

4 files changed

+22
-3
lines changed

4 files changed

+22
-3
lines changed

extensions/ql-vscode/CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@
22

33
## [UNRELEASED]
44

5+
- Add new configuration option to allow downloading databases from http, non-secure servers. [#2332](https://github.com/github/vscode-codeql/pull/2332)
6+
57
## 1.8.2 - 12 April 2023
68

79
- Fix bug where users could end up with the managed CodeQL CLI getting uninstalled during upgrades and not reinstalled. [#2294](https://github.com/github/vscode-codeql/pull/2294)

extensions/ql-vscode/package.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,11 @@
293293
"scope": "window",
294294
"minimum": 0,
295295
"description": "Report a warning for any join order whose metric exceeds this value."
296+
},
297+
"codeQL.databaseDownload.allowHttp": {
298+
"type": "boolean",
299+
"default": false,
300+
"description": "Allow database to be downloaded via HTTP. Warning: enabling this option will allow downloading from insecure servers."
296301
}
297302
}
298303
},

extensions/ql-vscode/src/config.ts

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -608,3 +608,14 @@ export const CODESPACES_TEMPLATE = new Setting(
608608
export function isCodespacesTemplate() {
609609
return !!CODESPACES_TEMPLATE.getValue<boolean>();
610610
}
611+
612+
const DATABASE_DOWNLOAD_SETTING = new Setting("databaseDownload", ROOT_SETTING);
613+
614+
export const ALLOW_HTTP_SETTING = new Setting(
615+
"allowHttp",
616+
DATABASE_DOWNLOAD_SETTING,
617+
);
618+
619+
export function allowHttp(): boolean {
620+
return ALLOW_HTTP_SETTING.getValue<boolean>() || false;
621+
}

extensions/ql-vscode/src/databaseFetcher.ts

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ import {
2727
} from "./common/github-url-identifier-helper";
2828
import { Credentials } from "./common/authentication";
2929
import { AppCommandManager } from "./common/commands";
30+
import { ALLOW_HTTP_SETTING } from "./config";
3031

3132
/**
3233
* Prompts a user to fetch a database from a remote location. Database is assumed to be an archive file.
@@ -49,7 +50,7 @@ export async function promptImportInternetDatabase(
4950
return;
5051
}
5152

52-
validateHttpsUrl(databaseUrl);
53+
validateUrl(databaseUrl);
5354

5455
const item = await databaseArchiveFetcher(
5556
databaseUrl,
@@ -356,15 +357,15 @@ async function getStorageFolder(storagePath: string, urlStr: string) {
356357
return folderName;
357358
}
358359

359-
function validateHttpsUrl(databaseUrl: string) {
360+
function validateUrl(databaseUrl: string) {
360361
let uri;
361362
try {
362363
uri = Uri.parse(databaseUrl, true);
363364
} catch (e) {
364365
throw new Error(`Invalid url: ${databaseUrl}`);
365366
}
366367

367-
if (uri.scheme !== "https") {
368+
if (!ALLOW_HTTP_SETTING.getValue() && uri.scheme !== "https") {
368369
throw new Error("Must use https for downloading a database.");
369370
}
370371
}

0 commit comments

Comments
 (0)