Changeset - 8d0362047e29
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Mads Kiilerich - 7 years ago 2019-01-08 13:02:34
mads@kiilerich.com
middleware: don't allow trailing text after Git commands

This is used for determining repos and commands and what access users should
have. We thus want to be very strict when parsing these commands.
1 file changed with 1 insertions and 1 deletions:
kallithea/lib/middleware/simplegit.py
1
1
0 comments (0 inline, 0 general)
kallithea/lib/middleware/simplegit.py
Show inline comments
 
@@ -43,13 +43,13 @@ from kallithea.lib.base import BaseVCSCo
 
from kallithea.lib.utils import make_ui, is_valid_repo
 
from kallithea.lib.middleware.pygrack import make_wsgi_app
 

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
GIT_PROTO_PAT = re.compile(r'^/(.+)/(info/refs|git-upload-pack|git-receive-pack)')

			




	
	
	
		
 
GIT_PROTO_PAT = re.compile(r'^/(.+)/(info/refs|git-upload-pack|git-receive-pack)$')

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def is_git(environ):

			




	
	
	
		
 
    path_info = environ['PATH_INFO']

			




	
	
	
		
 
    isgit_path = GIT_PROTO_PAT.match(path_info)

			




	
	
	
		
 
    log.debug('pathinfo: %s detected as Git %s',

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.