Make URL parsing more robust

2020-09-28 18:28:46 +01:00 · 2020-09-28 18:28:46 +01:00 · c4dc1b0438
--- a/lib/runner.js
+++ b/lib/runner.js
@ -23,24 +23,6 @@ const upload_lib = __importStar(require("./upload-lib"));
 const util_1 = require("./util");
 const program = new commander_1.Command();
 program.version("0.0.1");
-function parseGithubUrl(inputUrl) {
-    try {
-        const url = new URL(inputUrl);
-        // If we detect this is trying to be to github.com
-        // then return with a fixed canonical URL.
-        if (url.hostname === "github.com" || url.hostname === "api.github.com") {
-            return "https://github.com";
-        }
-        // Remove the API prefix if it's present
-        if (url.pathname.indexOf("/api/v3") !== -1) {
-            url.pathname = url.pathname.substring(0, url.pathname.indexOf("/api/v3"));
-        }
-        return url.toString();
-    }
-    catch (e) {
-        throw new Error(`"${inputUrl}" is not a valid URL`);
-    }
-}
 function getTempDir(userInput) {
    const tempDir = path.join(userInput || process.cwd(), "codeql-runner");
    if (!fs.existsSync(tempDir)) {
@ -126,9 +108,9 @@ program
            codeql = codeql_1.getCodeQL(cmd.codeqlPath);
        }
        else {
-            codeql = await init_1.initCodeQL(undefined, cmd.githubAuth, parseGithubUrl(cmd.githubUrl), tempDir, toolsDir, "runner", logger);
+            codeql = await init_1.initCodeQL(undefined, cmd.githubAuth, util_1.parseGithubUrl(cmd.githubUrl), tempDir, toolsDir, "runner", logger);
        }
-        const config = await init_1.initConfig(cmd.languages, cmd.queries, cmd.configFile, repository_1.parseRepositoryNwo(cmd.repository), tempDir, toolsDir, codeql, cmd.checkoutPath || process.cwd(), cmd.githubAuth, parseGithubUrl(cmd.githubUrl), logger);
+        const config = await init_1.initConfig(cmd.languages, cmd.queries, cmd.configFile, repository_1.parseRepositoryNwo(cmd.repository), tempDir, toolsDir, codeql, cmd.checkoutPath || process.cwd(), cmd.githubAuth, util_1.parseGithubUrl(cmd.githubUrl), logger);
        const tracerConfig = await init_1.runInit(codeql, config);
        if (tracerConfig === undefined) {
            return;
@ -237,7 +219,7 @@ program
            throw new Error("Config file could not be found at expected location. " +
                "Was the 'init' command run with the same '--temp-dir' argument as this command.");
        }
-        await analyze_1.runAnalyze(repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, cmd.githubAuth, parseGithubUrl(cmd.githubUrl), cmd.upload, "runner", outputDir, util_1.getMemoryFlag(cmd.ram), util_1.getAddSnippetsFlag(cmd.addSnippets), util_1.getThreadsFlag(cmd.threads, logger), config, logger);
+        await analyze_1.runAnalyze(repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, cmd.githubAuth, util_1.parseGithubUrl(cmd.githubUrl), cmd.upload, "runner", outputDir, util_1.getMemoryFlag(cmd.ram), util_1.getAddSnippetsFlag(cmd.addSnippets), util_1.getThreadsFlag(cmd.threads, logger), config, logger);
    }
    catch (e) {
        logger.error("Analyze failed");
@ -259,7 +241,7 @@ program
    .action(async (cmd) => {
    const logger = logging_1.getRunnerLogger(cmd.debug);
    try {
-        await upload_lib.upload(cmd.sarifFile, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, cmd.githubAuth, parseGithubUrl(cmd.githubUrl), "runner", logger);
+        await upload_lib.upload(cmd.sarifFile, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, cmd.githubAuth, util_1.parseGithubUrl(cmd.githubUrl), "runner", logger);
    }
    catch (e) {
        logger.error("Upload failed");
--- a/lib/runner.js.map
+++ b/lib/runner.js.map
--- a/lib/util.js
+++ b/lib/util.js
@ -151,4 +151,43 @@ function getCodeQLDatabasePath(tempDir, language) {
    return path.resolve(getCodeQLDatabasesDir(tempDir), language);
 }
 exports.getCodeQLDatabasePath = getCodeQLDatabasePath;
+/**
+ * Parses user input of a github.com or GHES URL to a canonical form.
+ * Removes any API prefix or suffix if one is present.
+ */
+function parseGithubUrl(inputUrl) {
+    const originalUrl = inputUrl;
+    if (inputUrl.indexOf("://") === -1) {
+        inputUrl = `https://${inputUrl}`;
+    }
+    if (!inputUrl.startsWith("http://") && !inputUrl.startsWith("https://")) {
+        throw new Error(`"${originalUrl}" is not a http or https URL`);
+    }
+    let url;
+    try {
+        url = new URL(inputUrl);
+    }
+    catch (e) {
+        throw new Error(`"${originalUrl}" is not a valid URL`);
+    }
+    // If we detect this is trying to be to github.com
+    // then return with a fixed canonical URL.
+    if (url.hostname === "github.com" || url.hostname === "api.github.com") {
+        return "https://github.com/";
+    }
+    // Remove the API prefix if it's present
+    if (url.pathname.indexOf("/api/v3") !== -1) {
+        url.pathname = url.pathname.substring(0, url.pathname.indexOf("/api/v3"));
+    }
+    // Also consider subdomain isolation on GHES
+    if (url.hostname.startsWith("api.")) {
+        url.hostname = url.hostname.substring(4);
+    }
+    // Normalise path to having a trailing slash for consistency
+    if (!url.pathname.endsWith("/")) {
+        url.pathname = `${url.pathname}/`;
+    }
+    return url.toString();
+}
+exports.parseGithubUrl = parseGithubUrl;
 //# sourceMappingURL=util.js.map
--- a/lib/util.js.map
+++ b/lib/util.js.map
@ -1 +1 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAU7B;;GAEG;AACU,QAAA,iBAAiB,GAAG,oBAAoB,CAAC;AAEtD;;GAEG;AACH,SAAgB,uBAAuB;IACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC;IAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACjC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,EAAE,CAAC;KACX;IACD,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;KACxB;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CACb,GAAG,OAAO,kEAAkE,CAAC,CAAC,OAAO,EAAE,CACxF,CAAC;KACH;AACH,CAAC;AAbD,0DAaC;AAED,SAAgB,UAAU;IACxB,OAAO,CACL,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC9B,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,OAAO;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,GAAG,CACrC,CAAC;AACJ,CAAC;AAND,gCAMC;AAED;;;;GAIG;AACH,SAAgB,YAAY,CAAC,aAAqB;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,EAAE,CAAC;IAErB,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE,EAAE;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;QACjC,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7D,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;SAC/B;KACF;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAChC,CAAC;AAbD,oCAaC;AAED,6FAA6F;AAC7F,wCAAwC;AACjC,KAAK,UAAU,UAAU,CAC9B,IAAoC;IAEpC,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACxE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACzB,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACnD,EAAE,CAAC,WAAW,CAAC,UAAU,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC;IACzC,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC;AAChB,CAAC;AAXD,gCAWC;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,SAA6B;IACzD,IAAI,oBAA4B,CAAC;IACjC,IAAI,SAAS,EAAE;QACb,oBAAoB,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,oBAAoB,IAAI,CAAC,EAAE;YACnE,MAAM,IAAI,KAAK,CAAC,wBAAwB,SAAS,eAAe,CAAC,CAAC;SACnE;KACF;SAAM;QACL,MAAM,gBAAgB,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,oBAAoB,GAAG,gBAAgB,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAC9D,MAAM,6BAA6B,GAAG,GAAG,CAAC;QAC1C,oBAAoB,GAAG,oBAAoB,GAAG,6BAA6B,CAAC;KAC7E;IACD,OAAO,SAAS,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;AACrD,CAAC;AAdD,sCAcC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAChC,SAAuC;IAEvC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,sEAAsE;QACtE,SAAS,GAAG,SAAS,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC;KAChD;IACD,OAAO,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,yBAAyB,CAAC;AACxE,CAAC;AARD,gDAQC;AAED;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,SAA6B,EAC7B,MAAc;IAEd,IAAI,UAAkB,CAAC;IACvB,MAAM,UAAU,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC;IACpC,IAAI,SAAS,EAAE;QACb,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC/B,IAAI,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,eAAe,CAAC,CAAC;SACvE;QACD,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,uCAAuC,UAAU,uBAAuB,UAAU,IAAI,CACvF,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;QACD,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC;QAC/B,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,4CAA4C,UAAU,uBAAuB,UAAU,IAAI,CAC5F,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;KACF;SAAM;QACL,+BAA+B;QAC/B,UAAU,GAAG,UAAU,CAAC;KACzB;IACD,OAAO,aAAa,UAAU,EAAE,CAAC;AACnC,CAAC;AA7BD,wCA6BC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe;IACnD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;AACnD,CAAC;AAFD,sDAEC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe,EAAE,QAAkB;IACvE,OAAO,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;AAChE,CAAC;AAFD,sDAEC"}
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAU7B;;GAEG;AACU,QAAA,iBAAiB,GAAG,oBAAoB,CAAC;AAEtD;;GAEG;AACH,SAAgB,uBAAuB;IACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC;IAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACjC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,EAAE,CAAC;KACX;IACD,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;KACxB;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CACb,GAAG,OAAO,kEAAkE,CAAC,CAAC,OAAO,EAAE,CACxF,CAAC;KACH;AACH,CAAC;AAbD,0DAaC;AAED,SAAgB,UAAU;IACxB,OAAO,CACL,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC9B,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,OAAO;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,GAAG,CACrC,CAAC;AACJ,CAAC;AAND,gCAMC;AAED;;;;GAIG;AACH,SAAgB,YAAY,CAAC,aAAqB;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,EAAE,CAAC;IAErB,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE,EAAE;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;QACjC,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7D,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;SAC/B;KACF;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAChC,CAAC;AAbD,oCAaC;AAED,6FAA6F;AAC7F,wCAAwC;AACjC,KAAK,UAAU,UAAU,CAC9B,IAAoC;IAEpC,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACxE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACzB,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACnD,EAAE,CAAC,WAAW,CAAC,UAAU,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC;IACzC,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC;AAChB,CAAC;AAXD,gCAWC;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,SAA6B;IACzD,IAAI,oBAA4B,CAAC;IACjC,IAAI,SAAS,EAAE;QACb,oBAAoB,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,oBAAoB,IAAI,CAAC,EAAE;YACnE,MAAM,IAAI,KAAK,CAAC,wBAAwB,SAAS,eAAe,CAAC,CAAC;SACnE;KACF;SAAM;QACL,MAAM,gBAAgB,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,oBAAoB,GAAG,gBAAgB,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAC9D,MAAM,6BAA6B,GAAG,GAAG,CAAC;QAC1C,oBAAoB,GAAG,oBAAoB,GAAG,6BAA6B,CAAC;KAC7E;IACD,OAAO,SAAS,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;AACrD,CAAC;AAdD,sCAcC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAChC,SAAuC;IAEvC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,sEAAsE;QACtE,SAAS,GAAG,SAAS,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC;KAChD;IACD,OAAO,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,yBAAyB,CAAC;AACxE,CAAC;AARD,gDAQC;AAED;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,SAA6B,EAC7B,MAAc;IAEd,IAAI,UAAkB,CAAC;IACvB,MAAM,UAAU,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC;IACpC,IAAI,SAAS,EAAE;QACb,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC/B,IAAI,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,eAAe,CAAC,CAAC;SACvE;QACD,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,uCAAuC,UAAU,uBAAuB,UAAU,IAAI,CACvF,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;QACD,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC;QAC/B,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,4CAA4C,UAAU,uBAAuB,UAAU,IAAI,CAC5F,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;KACF;SAAM;QACL,+BAA+B;QAC/B,UAAU,GAAG,UAAU,CAAC;KACzB;IACD,OAAO,aAAa,UAAU,EAAE,CAAC;AACnC,CAAC;AA7BD,wCA6BC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe;IACnD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;AACnD,CAAC;AAFD,sDAEC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe,EAAE,QAAkB;IACvE,OAAO,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;AAChE,CAAC;AAFD,sDAEC;AAED;;;GAGG;AACH,SAAgB,cAAc,CAAC,QAAgB;IAC7C,MAAM,WAAW,GAAG,QAAQ,CAAC;IAC7B,IAAI,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE;QAClC,QAAQ,GAAG,WAAW,QAAQ,EAAE,CAAC;KAClC;IACD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE;QACvE,MAAM,IAAI,KAAK,CAAC,IAAI,WAAW,8BAA8B,CAAC,CAAC;KAChE;IAED,IAAI,GAAQ,CAAC;IACb,IAAI;QACF,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;KACzB;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,IAAI,WAAW,sBAAsB,CAAC,CAAC;KACxD;IAED,kDAAkD;IAClD,0CAA0C;IAC1C,IAAI,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE;QACtE,OAAO,qBAAqB,CAAC;KAC9B;IAED,wCAAwC;IACxC,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE;QAC1C,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;KAC3E;IACD,4CAA4C;IAC5C,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;QACnC,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;KAC1C;IAED,4DAA4D;IAC5D,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QAC/B,GAAG,CAAC,QAAQ,GAAG,GAAG,GAAG,CAAC,QAAQ,GAAG,CAAC;KACnC;IAED,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AArCD,wCAqCC"}
--- a/lib/util.test.js
+++ b/lib/util.test.js
@ -99,4 +99,28 @@ ava_1.default("getExtraOptionsEnvParam() fails on invalid JSON", (t) => {
    t.throws(util.getExtraOptionsEnvParam);
    process.env.CODEQL_ACTION_EXTRA_OPTIONS = origExtraOptions;
 });
+ava_1.default("parseGithubUrl", (t) => {
+    t.deepEqual(util.parseGithubUrl("github.com"), "https://github.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.com"), "https://github.com/");
+    t.deepEqual(util.parseGithubUrl("https://api.github.com"), "https://github.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.com/foo/bar"), "https://github.com/");
+    t.deepEqual(util.parseGithubUrl("github.example.com"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://api.github.example.com"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com/api/v3"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com:1234"), "https://github.example.com:1234/");
+    t.deepEqual(util.parseGithubUrl("https://api.github.example.com:1234"), "https://github.example.com:1234/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com:1234/api/v3"), "https://github.example.com:1234/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com/base/path"), "https://github.example.com/base/path/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com/base/path/api/v3"), "https://github.example.com/base/path/");
+    t.throws(() => util.parseGithubUrl(""), {
+        message: '"" is not a valid URL',
+    });
+    t.throws(() => util.parseGithubUrl("ssh://github.com"), {
+        message: '"ssh://github.com" is not a http or https URL',
+    });
+    t.throws(() => util.parseGithubUrl("http:///::::433"), {
+        message: '"http:///::::433" is not a valid URL',
+    });
+});
 //# sourceMappingURL=util.test.js.map
--- a/lib/util.test.js.map
+++ b/lib/util.test.js.map
--- a/src/runner.ts
+++ b/src/runner.ts
@ -12,32 +12,16 @@ import { Language, parseLanguage } from "./languages";
 import { getRunnerLogger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
 import * as upload_lib from "./upload-lib";
-import { getAddSnippetsFlag, getMemoryFlag, getThreadsFlag } from "./util";
+import {
+  getAddSnippetsFlag,
+  getMemoryFlag,
+  getThreadsFlag,
+  parseGithubUrl,
+} from "./util";

 const program = new Command();
 program.version("0.0.1");

-function parseGithubUrl(inputUrl: string): string {
-  try {
-    const url = new URL(inputUrl);
-
-    // If we detect this is trying to be to github.com
-    // then return with a fixed canonical URL.
-    if (url.hostname === "github.com" || url.hostname === "api.github.com") {
-      return "https://github.com";
-    }
-
-    // Remove the API prefix if it's present
-    if (url.pathname.indexOf("/api/v3") !== -1) {
-      url.pathname = url.pathname.substring(0, url.pathname.indexOf("/api/v3"));
-    }
-
-    return url.toString();
-  } catch (e) {
-    throw new Error(`"${inputUrl}" is not a valid URL`);
-  }
-}
-
 function getTempDir(userInput: string | undefined): string {
  const tempDir = path.join(userInput || process.cwd(), "codeql-runner");
  if (!fs.existsSync(tempDir)) {
--- a/src/util.test.ts
+++ b/src/util.test.ts
@ -122,3 +122,63 @@ test("getExtraOptionsEnvParam() fails on invalid JSON", (t) => {

  process.env.CODEQL_ACTION_EXTRA_OPTIONS = origExtraOptions;
 });
+
+test("parseGithubUrl", (t) => {
+  t.deepEqual(util.parseGithubUrl("github.com"), "https://github.com/");
+  t.deepEqual(util.parseGithubUrl("https://github.com"), "https://github.com/");
+  t.deepEqual(
+    util.parseGithubUrl("https://api.github.com"),
+    "https://github.com/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.com/foo/bar"),
+    "https://github.com/"
+  );
+
+  t.deepEqual(
+    util.parseGithubUrl("github.example.com"),
+    "https://github.example.com/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.example.com"),
+    "https://github.example.com/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://api.github.example.com"),
+    "https://github.example.com/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.example.com/api/v3"),
+    "https://github.example.com/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.example.com:1234"),
+    "https://github.example.com:1234/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://api.github.example.com:1234"),
+    "https://github.example.com:1234/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.example.com:1234/api/v3"),
+    "https://github.example.com:1234/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.example.com/base/path"),
+    "https://github.example.com/base/path/"
+  );
+  t.deepEqual(
+    util.parseGithubUrl("https://github.example.com/base/path/api/v3"),
+    "https://github.example.com/base/path/"
+  );
+
+  t.throws(() => util.parseGithubUrl(""), {
+    message: '"" is not a valid URL',
+  });
+  t.throws(() => util.parseGithubUrl("ssh://github.com"), {
+    message: '"ssh://github.com" is not a http or https URL',
+  });
+  t.throws(() => util.parseGithubUrl("http:///::::433"), {
+    message: '"http:///::::433" is not a valid URL',
+  });
+});
--- a/src/util.ts
+++ b/src/util.ts
@ -165,3 +165,46 @@ export function getCodeQLDatabasesDir(tempDir: string) {
 export function getCodeQLDatabasePath(tempDir: string, language: Language) {
  return path.resolve(getCodeQLDatabasesDir(tempDir), language);
 }
+
+/**
+ * Parses user input of a github.com or GHES URL to a canonical form.
+ * Removes any API prefix or suffix if one is present.
+ */
+export function parseGithubUrl(inputUrl: string): string {
+  const originalUrl = inputUrl;
+  if (inputUrl.indexOf("://") === -1) {
+    inputUrl = `https://${inputUrl}`;
+  }
+  if (!inputUrl.startsWith("http://") && !inputUrl.startsWith("https://")) {
+    throw new Error(`"${originalUrl}" is not a http or https URL`);
+  }
+
+  let url: URL;
+  try {
+    url = new URL(inputUrl);
+  } catch (e) {
+    throw new Error(`"${originalUrl}" is not a valid URL`);
+  }
+
+  // If we detect this is trying to be to github.com
+  // then return with a fixed canonical URL.
+  if (url.hostname === "github.com" || url.hostname === "api.github.com") {
+    return "https://github.com/";
+  }
+
+  // Remove the API prefix if it's present
+  if (url.pathname.indexOf("/api/v3") !== -1) {
+    url.pathname = url.pathname.substring(0, url.pathname.indexOf("/api/v3"));
+  }
+  // Also consider subdomain isolation on GHES
+  if (url.hostname.startsWith("api.")) {
+    url.hostname = url.hostname.substring(4);
+  }
+
+  // Normalise path to having a trailing slash for consistency
+  if (!url.pathname.endsWith("/")) {
+    url.pathname = `${url.pathname}/`;
+  }
+
+  return url.toString();
+}