vcs: handle excessive slashes in from of the repo name path, fixes #5522
marcink -
r3328:44e97172 default
Not Reviewed
Show More
Add another comment
TODOs: 0 unresolved 0 Resolved
COMMENTS: 0 General 0 Inline
@@ -44,7 +44,11
44 44
45 45 :param environ: environ where PATH_INFO is stored
46 46 """
47 return environ['PATH_INFO'].strip('/')
47 repo_name = environ['PATH_INFO']
48 if repo_name and repo_name.startswith('/'):
49 # remove only the first leading /
50 repo_name = repo_name[1:]
51 return repo_name.rstrip('/')
48 52
49 53 _ACTION_MAPPING = {
50 54 'changegroup': 'pull',
@@ -147,8 +151,7
147 151 return default
148 152
149 153 def _create_wsgi_app(self, repo_path, repo_name, config):
150 return self.scm_app.create_hg_wsgi_app(
151 repo_path, repo_name, config)
154 return self.scm_app.create_hg_wsgi_app(repo_path, repo_name, config)
152 155
153 156 def _create_config(self, extras, repo_name):
154 157 config = utils.make_db_config(repo=repo_name)
@@ -153,12 +153,10
153 153
154 154 @property
155 155 def base_path(self):
156 settings_path = self.repo_vcs_config.get(
157 *VcsSettingsModel.PATH_SETTING)
156 settings_path = self.repo_vcs_config.get(*VcsSettingsModel.PATH_SETTING)
158 157
159 158 if not settings_path:
160 settings_path = self.global_vcs_config.get(
161 *VcsSettingsModel.PATH_SETTING)
159 settings_path = self.global_vcs_config.get(*VcsSettingsModel.PATH_SETTING)
162 160
163 161 if not settings_path:
164 162 # try, maybe we passed in explicitly as config option
@@ -396,7 +394,6
396 394 meta.Session.remove()
397 395
398 396 def _handle_request(self, environ, start_response):
399
400 397 if not self._check_ssl(environ, start_response):
401 398 reason = ('SSL required, while RhodeCode was unable '
402 399 'to detect this as SSL request')
@@ -514,8 +511,7
514 511 plugin_cache_active, cache_ttl = auth_result.get(
515 512 'auth_data', {}).get('_ttl_cache') or (False, 0)
516 513 else:
517 return auth_result.wsgi_application(
518 environ, start_response)
514 return auth_result.wsgi_application(environ, start_response)
519 515
520 516 # ==============================================================
521 517 # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
@@ -141,6 +141,16
141 141 stdout, stderr = Command('/tmp').execute('git clone', clone_url)
142 142 assert 'not found' in stderr
143 143
144 def test_clone_hg_with_slashes(self, rc_web_server, tmpdir):
145 clone_url = rc_web_server.repo_clone_url('//' + HG_REPO)
146 stdout, stderr = Command('/tmp').execute('hg clone', clone_url, tmpdir.strpath)
147 assert 'HTTP Error 404: Not Found' in stderr
148
149 def test_clone_git_with_slashes(self, rc_web_server, tmpdir):
150 clone_url = rc_web_server.repo_clone_url('//' + GIT_REPO)
151 stdout, stderr = Command('/tmp').execute('git clone', clone_url)
152 assert 'not found' in stderr
153
144 154 def test_clone_existing_path_hg_not_in_database(
145 155 self, rc_web_server, tmpdir, fs_repo_only):
146 156
Comments 0
You need to be logged in to leave comments. Login now