Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 419632

Summary: cannot push new branch with name containing '/' -
Product: [ECD] Orion Reporter: Grant Gayed <grant_gayed>
Component: GitAssignee: Project Inbox <orion.git-inbox>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: matthias.sohn, stefan.lay
Version: 4.0   
Target Milestone: 5.0 RC1   
Hardware: PC   
OS: All   
Whiteboard:

Description Grant Gayed CLA 2013-10-16 15:54:23 EDT 
I20131016-1157

- on the Repositories page for org.eclipse.orion.client pull the latest content from origin/master
- create a new branch whose name contains a '/' character, like "asdf/testBranch" (no quotes), and check it out
   -> shows 20+ commits to be pushed
- press Push All
- in the subsequent Choose Branch dialog select "origin" and type name "asdf/testBranch" (no quotes), OK
   -> an error status is shown before it gets far enough to ask for a password: "Problem while performing the action"

- these steps work fine if the branch name does not include a '/' character
- '/' is a valid character for branch names, we use them in swt to track who created and can purge a branch (eg.- "ggayed/branchName")
Comment 1 Stefan Lay CLA 2014-02-03 08:14:33 EST 
The git ui does encode the "/" once to %2F. This is not accepted by most servers because of security reasons [1].

Because of that branch references are encoded twice in orion:

- branch names are encoded twice on the server
   Branch.toJSON
   --Branch.getCommitLocation
      --Branch.getName -> first encoding
      --BaseToCommitConverter.getCommitLocation
         --new URI -> second encoding
- branch names are decoded twice on server
   GitServlet.doGet
   --req.getPathInfo() first decoding
   --PushJob
      -- GitUtils.decode(path.segment(1)); second decoding
      
I'll propose a fix.
      
 [1] https://scapsync.com/cve/CVE-2007-0450
Comment 2 Stefan Lay CLA 2014-02-03 09:49:08 EST 
Fix pushed to Gerrit: https://git.eclipse.org/r/21471
Comment 3 Matthias Sohn CLA 2014-02-04 11:42:59 EST 
merged as 601bd328192895e092cf0f4d8a4fadc641b4fea5