Files @ a444c46a0649
Branch filter:

Location: kallithea/setup.cfg

a444c46a0649 726 B text/x-ini Show Annotation Show as Raw Download as Raw
Mads Kiilerich
middleware: fix handling of Git 'info/refs' command to give correct access control

For a pull, the Git client first sends an 'info/refs' command with a
'service=git-upload-pack' query, then it sends the actual 'git-upload-pack'
command.

For a push, the Git client first sends an 'info/refs' command with a
'service=git-receive-pack' query, then it sends the actual 'git-receive-pack'
command.

Before, the 'info/refs' commands would fall back to the default of trying to
use the action of the previous request. That seems wrong.

Instead, authorize the 'info/refs' command just like the actual command it
references.

path_info will now be checked more than before. Mainly because that is more
correct and more explicit and "better" to do it that way. It might also give
some safety.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[egg_info]
tag_build =
tag_svn_revision = 0
tag_date = 0

[aliases]
test = pytest

[compile_catalog]
domain = kallithea
directory = kallithea/i18n
statistics = true

[extract_messages]
add_comments = TRANSLATORS:
output_file = kallithea/i18n/kallithea.pot
msgid-bugs-address = translations@kallithea-scm.org
copyright-holder = Various authors, licensing as GPLv3
no-wrap = true

[init_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n

[update_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
previous = true

[build_sphinx]
source-dir = docs/
build-dir = docs/_build
all_files = 1

[upload_sphinx]
upload-dir = docs/_build/html
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.