kallithea Files · init.d/celeryd-upstart.conf

Files @ 429c2c8a4354

Branch filter:

Location: kallithea/init.d/celeryd-upstart.conf - annotation

429c2c8a4354 932 B text/plain Show Source Show as Raw Download as Raw

Mads Kiilerich

pullrequests: prevent XSS in @mention completion when first and last names cannot be trusted

atwho used in MentionsAutoComplete is passing raw user controlled data which
might contain HTML markup.

That could cause XSS issues when completion hit a rogue user name.

To avoid that, make sure displayTpl always escape user information, as
recommended in https://github.com/ichord/At.js/issues/334 .

99ad9d0af1a3
58df0b3ed377
58df0b3ed377
58df0b3ed377
e285bb7abb28
e285bb7abb28
58df0b3ed377
99ad9d0af1a3
99ad9d0af1a3
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
99ad9d0af1a3
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
1d539bb18165
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377
58df0b3ed377

# celeryd - run the celeryd daemon as an upstart job for kallithea
# Change variables/paths as necessary and place file /etc/init/celeryd.conf
# start/stop/restart as normal upstart job (ie: $ start celeryd)

description     "Celery for Kallithea Mercurial Server"
author          "Matt Zuba <matt.zuba@goodwillaz.org"

start on starting kallithea
stop on stopped kallithea

respawn

umask 0022

env PIDFILE=/tmp/celeryd.pid
env APPINI=/var/hg/kallithea/production.ini
env HOME=/var/hg
env USER=hg
# To use group (if different from user), you must edit sudoers file and change
# root's entry from (ALL) to (ALL:ALL)
# env GROUP=hg

script
    COMMAND="/var/hg/.virtualenvs/kallithea/bin/kallithea-cli celery-run -c $APPINI -- --pidfile=$PIDFILE"
    if [ -z "$GROUP" ]; then
        exec sudo -u $USER $COMMAND
    else
        exec sudo -u $USER -g $GROUP $COMMAND
    fi
end script

post-stop script
    rm -f $PIDFILE
end script