import os
import re
import sys
+import urllib.parse
from . import _
from . import common
return lastbuild
+def check_update_check_data_url(app):
+ """UpdateCheckData must have a valid HTTPS URL to protect checkupdates runs
+ """
+ if app.UpdateCheckData:
+ urlcode, codeex, urlver, verex = app.UpdateCheckData.split('|')
+ for url in (urlcode, urlver):
+ parsed = urllib.parse.urlparse(url)
+ if not parsed.scheme or not parsed.netloc:
+ yield _('UpdateCheckData not a valid URL: {url}').format(url=url)
+ if parsed.scheme != 'https':
+ yield _('UpdateCheckData must use HTTPS URL: {url}').format(url=url)
+
+
def check_ucm_tags(app):
lastbuild = get_lastbuild(app.builds)
if (lastbuild is not None
app_check_funcs = [
check_regexes,
+ check_update_check_data_url,
check_ucm_tags,
check_char_limits,
check_old_links,