Sanitize inputs

lib/start-proxy.test.js

@@ -78,4 +78,18 @@ const testing_utils_1 = require("./testing-utils");
     const credentials = startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), undefined, credentialsInput, undefined);
     t.is(credentials.length, 3);
 });
+(0, ava_1.default)("getCredentials throws an error when non-printable characters are used", async (t) => {
+    const invalidCredentials = [
+        { type: "nuget_feed", host: "1nuget.pkg.github.com", token: "abc\u0000" }, // Non-printable character in token
+        { type: "nuget_feed", host: "2nuget.pkg.github.com\u0001" }, // Non-printable character in host
+        { type: "nuget_feed", host: "3nuget.pkg.github.com", password: "ghi\u0002" }, // Non-printable character in password
+        { type: "nuget_feed", host: "4nuget.pkg.github.com", password: "ghi\x00" }, // Non-printable character in password
+    ];
+    for (const invalidCredential of invalidCredentials) {
+        const credentialsInput = Buffer.from(JSON.stringify([invalidCredential])).toString("base64");
+        t.throws(() => startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), undefined, credentialsInput, undefined), {
+            message: "Invalid credentials - fields must contain only printable characters",
+        });
+    }
+});
 //# sourceMappingURL=start-proxy.test.js.map