##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r25295:701df761 default
r32050:77eaf953 4.1.3 stable
Show More
test-branch-option.t
127 lines | 3.0 KiB | text/troff | Tads3Lexer
/ tests / test-branch-option.t
Martin Geisler
tests: unify test-branch-option
r11869 test branch selection options
$ hg init branch
$ cd branch
$ hg branch a
marked working directory as branch a
Matt Mackall
branch: warn on branching
r15615 (branches are permanent and global, did you want a bookmark?)
Martin Geisler
tests: unify test-branch-option
r11869 $ echo a > foo
$ hg ci -d '0 0' -Ama
adding foo
$ echo a2 > foo
$ hg ci -d '0 0' -ma2
$ hg up 0
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg branch c
marked working directory as branch c
$ echo c > foo
$ hg ci -d '0 0' -mc
$ hg tag -l z
$ cd ..
$ hg clone -r 0 branch branch2
adding changesets
adding manifests
adding file changes
added 1 changesets with 1 changes to 1 files
updating to branch a
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ cd branch2
$ hg up 0
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg branch b
marked working directory as branch b
$ echo b > foo
$ hg ci -d '0 0' -mb
$ hg up 0
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg --encoding utf-8 branch æ
Mads Kiilerich
tests: use (esc) for all non-ASCII test output
r12942 marked working directory as branch \xc3\xa6 (esc)
Martin Geisler
tests: unify test-branch-option
r11869 $ echo ae1 > foo
$ hg ci -d '0 0' -mae1
$ hg up 0
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg --encoding utf-8 branch -f æ
Mads Kiilerich
tests: use (esc) for all non-ASCII test output
r12942 marked working directory as branch \xc3\xa6 (esc)
Martin Geisler
tests: unify test-branch-option
r11869 $ echo ae2 > foo
$ hg ci -d '0 0' -mae2
created new head
$ hg up 0
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg branch -f b
marked working directory as branch b
$ echo b2 > foo
$ hg ci -d '0 0' -mb2
created new head
unknown branch and fallback
$ hg in -qbz
abort: unknown branch 'z'!
Matt Mackall
tests: add exit codes to unified tests
r12316 [255]
Martin Geisler
tests: unify test-branch-option
r11869 $ hg in -q ../branch#z
2:f25d57ab0566
$ hg out -qbz
abort: unknown branch 'z'!
Matt Mackall
tests: add exit codes to unified tests
r12316 [255]
Martin Geisler
tests: unify test-branch-option
r11869
in rev c branch a
$ hg in -qr c ../branch#a
1:dd6e60a716c6
2:f25d57ab0566
$ hg in -qr c -b a
1:dd6e60a716c6
2:f25d57ab0566
out branch .
$ hg out -q ../branch#.
1:b84708d77ab7
4:65511d0e2b55
$ hg out -q -b .
1:b84708d77ab7
4:65511d0e2b55
out branch . non-ascii
$ hg --encoding utf-8 up æ
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg --encoding latin1 out -q ../branch#.
2:df5a44224d4e
3:4f4a5125ca10
$ hg --encoding latin1 out -q -b .
2:df5a44224d4e
3:4f4a5125ca10
clone branch b
$ cd ..
$ hg clone branch2#b branch3
adding changesets
adding manifests
adding file changes
added 3 changesets with 3 changes to 1 files (+1 heads)
updating to branch b
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg -q -R branch3 heads b
2:65511d0e2b55
1:b84708d77ab7
$ hg -q -R branch3 parents
2:65511d0e2b55
$ rm -rf branch3
clone rev a branch b
$ hg clone -r a branch2#b branch3
adding changesets
adding manifests
adding file changes
added 3 changesets with 3 changes to 1 files (+1 heads)
updating to branch a
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg -q -R branch3 heads b
2:65511d0e2b55
1:b84708d77ab7
$ hg -q -R branch3 parents
0:5b65ba7c951d
$ rm -rf branch3