ExternalData: Hide security-sensitive details from output

Do not disclose credentials when printing URIs used to fetch external resources.
This commit is contained in:
Alex Turbov 2016-07-13 18:23:29 +03:00
parent 507aa256e5
commit 9b588b2bdf
1 changed files with 2 additions and 1 deletions

View File

@ -971,7 +971,8 @@ function(_ExternalData_download_object name hash algo var_obj)
set(url "${lhs}${algo}${rhs}")
endif()
endif()
message(STATUS "Fetching \"${url}\"")
string(REGEX REPLACE "((https?|ftp)://)([^@]+@)?(.*)" "\\1\\4" secured_url "${url}")
message(STATUS "Fetching \"${secured_url}\"")
if(url MATCHES "^ExternalDataCustomScript://([A-Za-z_][A-Za-z0-9_]*)/(.*)$")
_ExternalData_custom_fetch("${CMAKE_MATCH_1}" "${CMAKE_MATCH_2}" "${tmp}" err errMsg)
else()