Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-16703

Content selectors based on negative regular expressions do not handle leading slashes in a consistent manner

Details

    • 3
    • Yes

    Description

       

      Trying to create a regular expression that disallows access to paths starting with "/com/foo/bar/".

      This doesn't work:

      path =~ "(?!^/com/foo/bar/.*).*" 

      And this does:

      path =~ "(?!^com/foo/bar/.*).*" 

      However, for positive regular expressions...

      This doesn't work:

      path =~ "^/com/foo/bar/.*" 

      But this does work:

      path =~ "^com/foo/bar/.*"

      So that's at least consistent, but doesn't line up with our documentation at all, which states that:

      When writing a content selector, remember that the asset’s path will always begin with a leading slash when the selector is evaluated. This is true even though the leading slash is not displayed when searching or browsing assets.

       The above is the way it was supposed to work based on fixes done in --NEXUS-11632-- and --NEXUS-15545--.

      For positive regular expressions things are also quite odd, but in a slightly different way.

      This works:

      path =~ "/com/foo/bar/.*" 

      As does this:

      path =~ "com/foo/bar/.*" 

      This doesn't work:

      path =~ "^/com/foo/bar/.*" 

      But this does work:

      path =~ "^com/foo/bar/.*"

      Expected

      Content selectors that use regular expressions should require that paths start with "/". And using a leading "^" should be optional. That is the way Nexus 2.x works, so this is required for compatibility when upgrading.

      Update 4/2/18

      For upload this is needed:

      path =~ "/com/foo/bar/.*"

      So to make both upload and download work you need:

      path =~ "/?com/foo/bar/.*"

       

      Attachments

        Issue Links

          Activity

            People

              mcculls Stuart McCulloch
              rseddon Rich Seddon
              Peter Lynch Peter Lynch
              NXRM - Tron
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                tigCommentSecurity.panel-title