addressing comments from stevvooe

Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2025-09-24 12:37:00 +00:00 · 2017-07-20 20:44:02 -05:00
parent c1532332ad
commit ec2aa05cdf
6 changed files with 86 additions and 144 deletions
--- a/registry/storage/ocimanifesthandler.go
+++ b/registry/storage/ocimanifesthandler.go
@@ -3,7 +3,6 @@ package storage
 import (
 	"encoding/json"
 	"fmt"
-	"net/url"

 	"github.com/docker/distribution"
 	"github.com/docker/distribution/context"
@@ -80,23 +79,6 @@ func (ms *ocischemaManifestHandler) verifyManifest(ctx context.Context, mnfst oc
 		var err error

 		switch descriptor.MediaType {
-		// TODO: mikebrow/steveoe verify we should treat oci nondistributable like foreign layers?
-		case v1.MediaTypeImageLayerNonDistributable, v1.MediaTypeImageLayerNonDistributableGzip:
-			// Clients download this layer from an external URL, so do not check for
-			// its presence.
-			if len(descriptor.URLs) == 0 {
-				err = errMissingURL
-			}
-			allow := ms.manifestURLs.allow
-			deny := ms.manifestURLs.deny
-			for _, u := range descriptor.URLs {
-				var pu *url.URL
-				pu, err = url.Parse(u)
-				if err != nil || (pu.Scheme != "http" && pu.Scheme != "https") || pu.Fragment != "" || (allow != nil && !allow.MatchString(u)) || (deny != nil && deny.MatchString(u)) {
-					err = errInvalidURL
-					break
-				}
-			}
 		case v1.MediaTypeImageManifest:
 			var exists bool
 			exists, err = manifestService.Exists(ctx, descriptor.Digest)
--- a/registry/storage/ocimanifesthandler_test.go
+++ b/registry/storage/ocimanifesthandler_test.go
@@ -53,12 +53,6 @@ func TestVerifyOCIManifestNonDistributableLayer(t *testing.T) {

 	cases := []testcase{
 		{
-			nonDistributableLayer,
-			nil,
-			errMissingURL,
-		},
-		{
-			// regular layers may have foreign urls (non-Distributable Layers)
 			layer,
 			[]string{"http://foo/bar"},
 			nil,
@@ -66,37 +60,37 @@ func TestVerifyOCIManifestNonDistributableLayer(t *testing.T) {
 		{
 			nonDistributableLayer,
 			[]string{"file:///local/file"},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,
 			[]string{"http://foo/bar#baz"},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,
 			[]string{""},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,
 			[]string{"https://foo/bar", ""},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,
 			[]string{"", "https://foo/bar"},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,
 			[]string{"http://nope/bar"},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,
 			[]string{"http://foo/nope"},
-			errInvalidURL,
+			nil,
 		},
 		{
 			nonDistributableLayer,