英文:
nodejs - escaping variable character within .env
问题
我的 .env 文件中有两个简单的变量:
USERNAME: "myusername"
PASSWORD: "mypassword&7"
问题是,当我尝试使用 shell.exec 来传递 git clone 命令时,似乎忽略了密码变量中的 '&7'。
shell.exec(`git clone https://${process.env.USERNAME}:${process.env.USERNAME}@github.com/my-repo/xyz-git-ops.git`);
它输出:
/bin/sh: 7@gmy-repo/xyz-git-ops.git: No such file or directory
Cloning into 'mypassword'...
fatal: unable to access 'https://myusername:mypassword/' URL using bad/illegal format or missing URL
我注意到了一些奇怪的地方:
1 - 它忽略了密码值的最后2个字符,即'&7',而 git clone 输出中将其替换为'/'。
2 - 如果我执行 console.log(process.env.USERNAME),它会完美地打印出值:mypassword&7
所有这些让我想知道是否有一种方法可以要么转义密码值中的'&'字符,要么是否我的通过 shell.exec() 传递凭据的方法完全错误。以下是我的 .js 文件的完整内容:
const nodeCron = require("node-cron");
const shell = require('shelljs');
const rpath = '/Users/myuser/Documents/Git Ops Cron/repos';
require('dotenv').config();
const start = Date.now();
const username = process.env.USERNAME
const password = process.env.PASSWORD
async function xyzGitOps(){
console.log("Running scheduled job", start);
shell.cd(rpath);
shell.exec(`git clone https://${username}:${password}@github.com/my-repo/xyz-git-ops.git`);
return console.log("Job finished");
}
const job = nodeCron.schedule("* * * * *", xyzGitOps);
英文:
My .env has, say, two simple variables:
USERNAME:"myusername"
PASSWORD:"mypassword&7"
The thing is, when I try to use shell.exec to pass a git clone command, it seems to be ignoring the '&7'from my password variable.
shell.exec(`git clone https://${process.env.USERNAME}:${process.env.USERNAME}@github.com/my-repo/xyz-git-ops.git`);
it outputs:
> /bin/sh: 7@gmy-repo/xyz-git-ops.git: No such file or directory
Cloning into 'mypassword'...
fatal: unable to access 'https://myusername:mypassword/': URL using bad/illegal format or missing URL
I notice a few weird stuff:
1 - it ignores the last 2 characters of my password value, the '&7'and the git clone output replaces it with a '/'instead.
2 - if I do console.log(process.env.USERNAME), it prints the value perfectly: mypassword&7
All that makes me wonder if is there a way of either escaping the '&' char from the password value or if my approach to pass credential via shell.exec() is absolutely mistaken. Bellow is the full content of my .js file
const nodeCron = require("node-cron");
const shell = require('shelljs');
const rpath = '/Users/myuser/Documents/Git Ops Cron/repos';
require('dotenv').config();
const start = Date.now();
const username = process.env.USERNAME
const password = process.env.PASSWORD
async function xyzGitOps(){
console.log("Running scheduled job", start);
shell.cd(rpath);
shell.exec(`git clone https://${username}:${password}@github.com/my-repo/xyz-git-ops.git`);
return console.log("Job finished");
}
const job = nodeCron.schedule("* * * * *", xyzGitOps);
答案1
得分: 2
URL的用户名/密码部分应该进行百分比编码。
node:url URL 类会为您执行此操作:
const repo = new URL(`https://github.com/my-repo/xyz-git-ops.git`)
repo.username = process.env.USERNAME
repo.password = process.env.PASSWORD
URL的.toString()方法会对这些值进行编码:
> String(repo)
'https://userw:pass%%2F%40%23$@github.com/my-repo/xyz-git-ops.git'
> `${repo}`
'https://userw:pass%%2F%40%23$@github.com/my-repo/xyz-git-ops.git'
英文:
The username/password component of a URL should be percent encoded.
The node:url URL class will do this for you
const repo = new URL(`https://github.com/my-repo/xyz-git-ops.git`)
repo.username = process.env.USERNAME
repo.password = process.env.PASSWORD
The URL's .toString() encodes the values:
> String(repo)
'https://userw:pass%%2F%40%23$@github.com/my-repo/xyz-git-ops.git'
> `${repo}`
'https://userw:pass%%2F%40%23$@github.com/my-repo/xyz-git-ops.git'
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论