# HG changeset patch # User Martin Bornhold # Date 2016-09-27 07:07:05 # Node ID caf5ea418435b52bd53a3e1d053d7d32a4e6f2e8 # Parent 2c5a0bce3c08c6419b8825f25601dc89d03a609e svn-support: Add proper escaping to the mod_dav_svn template. #4244 Without quoting names/paths with spaces are not supported. diff --git a/rhodecode/svn_support/templates/mod-dav-svn.conf.mako b/rhodecode/svn_support/templates/mod-dav-svn.conf.mako --- a/rhodecode/svn_support/templates/mod-dav-svn.conf.mako +++ b/rhodecode/svn_support/templates/mod-dav-svn.conf.mako @@ -26,21 +26,21 @@ # - + # The mod_dav_svn module takes the username from the apache request object. # Without authorization this will be empty and no username is logged for the # transactions. This will result in "(no author)" for each revision. The # following directives implement a fake authentication that allows every # username/password combination. AuthType Basic - AuthName ${rhodecode_realm|n} + AuthName "${rhodecode_realm|n}" AuthBasicProvider anon Anonymous * Require valid-user DAV svn - SVNParentPath ${parent_path_root|n} - SVNListParentPath ${'On' if svn_list_parent_path else 'Off'|n} + SVNParentPath "${parent_path_root|n}" + SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n} Allow from all Order allow,deny @@ -48,16 +48,16 @@ % for location, parent_path in repo_group_paths: - + AuthType Basic - AuthName ${rhodecode_realm|n} + AuthName "${rhodecode_realm|n}" AuthBasicProvider anon Anonymous * Require valid-user DAV svn - SVNParentPath ${parent_path|n} - SVNListParentPath ${'On' if svn_list_parent_path else 'Off'|n} + SVNParentPath "${parent_path|n}" + SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n} Allow from all Order allow,deny