##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r31808:ca3b4a2b default
r32050:77eaf953 4.1.3 stable
Show More
test-doctest.py
45 lines | 1.3 KiB | text/x-python | PythonLexer
Mads Kiilerich
tests: fix readline escape characters in output for test-doctest.py
r7041 # this is hack to make sure no escape characters are inserted into the output
Pulkit Goyal
tests: make test-doctest use absolute_import
r28933
from __future__ import absolute_import
import doctest
import os
import sys
Patrick Mezard
test-doctest: remove TERM env variable only if it's there
r7078 if 'TERM' in os.environ:
Dirkjan Ochtman
clean up trailing spaces
r7184 del os.environ['TERM']
Benoit Boissinot
[extendedchangelog] encode/decode function...
r3232
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 def testmod(name, optionflags=0, testtarget=None):
__import__(name)
mod = sys.modules[name]
if testtarget is not None:
mod = getattr(mod, testtarget)
doctest.testmod(mod, optionflags=optionflags)
Sune Foldager
ui: add configint function and tests
r14171
Augie Fackler
changegroup: introduce cg3, which has support for exchanging treemanifests...
r27432 testmod('mercurial.changegroup')
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 testmod('mercurial.changelog')
testmod('mercurial.dagparser', optionflags=doctest.NORMALIZE_WHITESPACE)
testmod('mercurial.dispatch')
testmod('mercurial.encoding')
Yuya Nishihara
formatter: add overview of API and example as doctest
r30560 testmod('mercurial.formatter')
Yuya Nishihara
clone: add doctest for default destination
r20799 testmod('mercurial.hg')
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 testmod('mercurial.hgweb.hgwebdir_mod')
testmod('mercurial.match')
testmod('mercurial.minirst')
Siddharth Agarwal
patch.pathtransform: add doctests...
r24243 testmod('mercurial.patch')
FUJIWARA Katsunori
subrepo: normalize path in the specific way for problematic encodings...
r21568 testmod('mercurial.pathutil')
Yuya Nishihara
parser: add helper to reduce nesting of chained infix operations...
r25306 testmod('mercurial.parser')
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 testmod('mercurial.revset')
testmod('mercurial.store')
Siddharth Agarwal
subrepo: factor out Git version check to add doctests...
r20840 testmod('mercurial.subrepo')
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 testmod('mercurial.templatefilters')
Yuya Nishihara
templater: introduce one-pass parsing of nested template strings...
r25783 testmod('mercurial.templater')
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 testmod('mercurial.ui')
testmod('mercurial.url')
testmod('mercurial.util')
testmod('mercurial.util', testtarget='platform')
Eugene Baranov
convert: use 'default' for specifying branch name in branchmap (issue4753)...
r25805 testmod('hgext.convert.convcmd')
Mads Kiilerich
tests: make doctest test runner less verbose
r20047 testmod('hgext.convert.cvsps')
Mads Kiilerich
convert: readability and test of rpairs function
r20048 testmod('hgext.convert.filemap')
Eugene Baranov
convert: unescape Perforce-escaped special characters in filenames
r25788 testmod('hgext.convert.p4')
Mads Kiilerich
convert: make subversion revsplit more stable when meeting revisions without @...
r20419 testmod('hgext.convert.subversion')
Mads Kiilerich
mq: refactor patchheader header ordering to match export (BC)...
r22546 testmod('hgext.mq')