generic: support GCM_ALLOW_UNSAFE_REMOTES option

Note that we only emit a warning for the generic host provider rather than failing-fast like the other providers do. This is because we never blocked HTTP remotes previously in the generic provider (which is often used for localhost, custom hosts, etc) and don't want to break any existing scenarios or scripts. The new option can be used to dismiss this warning message.
git-ecosystem · Oct 7, 2024 · fc067e8 · fc067e8
1 parent 7a613f3
commit fc067e8
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/src/shared/Core/GenericHostProvider.cs b/src/shared/Core/GenericHostProvider.cs
@@ -54,6 +54,17 @@ public override async Task<ICredential> GenerateCredentialAsync(InputArguments i
         {
             ThrowIfDisposed();
 
+            // We only want to *warn* about HTTP remotes for the generic provider because it supports all protocols
+            // and, historically, we never blocked HTTP remotes in this provider.
+            // The user can always set the 'GCM_ALLOW_UNSAFE' setting to silence the warning.
+            if (!Context.Settings.AllowUnsafeRemotes &&
+                StringComparer.OrdinalIgnoreCase.Equals(input.Protocol, "http"))
+            {
+                Context.Streams.Error.WriteLine(
+                    "warning: use of unencrypted HTTP remote URLs is not recommended; " +
+                    $"see {Constants.HelpUrls.GcmUnsafeRemotes} for more information.");
+            }
+
             Uri uri = input.GetRemoteUri();
 
             // Determine the if the host supports Windows Integration Authentication (WIA) or OAuth