Merge topic 'ExternalData-SecurityFix'

9b588b2b ExternalData: Hide security-sensitive details from output
2016-07-14 09:24:05 -04:00 · 2016-07-14 09:24:05 -04:00 · 6f36dce0cf
parent 2fe520d2b0 9b588b2bdf
commit 6f36dce0cf
1 changed files with 2 additions and 1 deletions
--- a/Modules/ExternalData.cmake
+++ b/Modules/ExternalData.cmake
@ -971,7 +971,8 @@ function(_ExternalData_download_object name hash algo var_obj)
        set(url "${lhs}${algo}${rhs}")
      endif()
    endif()
-    message(STATUS "Fetching \"${url}\"")
+    string(REGEX REPLACE "((https?|ftp)://)([^@]+@)?(.*)" "\\1\\4" secured_url "${url}")
+    message(STATUS "Fetching \"${secured_url}\"")
    if(url MATCHES "^ExternalDataCustomScript://([A-Za-z_][A-Za-z0-9_]*)/(.*)$")
      _ExternalData_custom_fetch("${CMAKE_MATCH_1}" "${CMAKE_MATCH_2}" "${tmp}" err errMsg)
    else()