Show More
| @@ -816,6 +816,19 b' def archive(web, req, tmpl):' | |||||
| 816 | if cnode == key or key == 'tip': |
|
816 | if cnode == key or key == 'tip': | |
| 817 | arch_version = short(cnode) |
|
817 | arch_version = short(cnode) | |
| 818 | name = "%s-%s" % (reponame, arch_version) |
|
818 | name = "%s-%s" % (reponame, arch_version) | |
|
|
819 | ||||
|
|
820 | ctx = webutil.changectx(web.repo, req) | |||
|
|
821 | pats = [] | |||
|
|
822 | file = req.form.get('file', None) | |||
|
|
823 | if file: | |||
|
|
824 | file = file[0] | |||
|
|
825 | patandfile = file.split(':') | |||
|
|
826 | if len(patandfile) > 1 and patandfile[0].lower() in ('glob', 'relglob', | |||
|
|
827 | 'path', 'relpath', 're', 'relre', 'set'): | |||
|
|
828 | msg = 'Archive pattern not allowed: %s' % file | |||
|
|
829 | raise ErrorResponse(HTTP_FORBIDDEN, msg) | |||
|
|
830 | pats = ['path:' + file] | |||
|
|
831 | ||||
| 819 | mimetype, artype, extension, encoding = web.archive_specs[type_] |
|
832 | mimetype, artype, extension, encoding = web.archive_specs[type_] | |
| 820 | headers = [ |
|
833 | headers = [ | |
| 821 | ('Content-Disposition', 'attachment; filename=%s%s' % (name, extension)) |
|
834 | ('Content-Disposition', 'attachment; filename=%s%s' % (name, extension)) | |
| @@ -825,9 +838,9 b' def archive(web, req, tmpl):' | |||||
| 825 | req.headers.extend(headers) |
|
838 | req.headers.extend(headers) | |
| 826 | req.respond(HTTP_OK, mimetype) |
|
839 | req.respond(HTTP_OK, mimetype) | |
| 827 |
|
840 | |||
| 828 | ctx = webutil.changectx(web.repo, req) |
|
841 | matchfn = scmutil.match(ctx, pats, default='path') | |
| 829 | archival.archive(web.repo, req, cnode, artype, prefix=name, |
|
842 | archival.archive(web.repo, req, cnode, artype, prefix=name, | |
| 830 |
matchfn= |
|
843 | matchfn=matchfn, | |
| 831 | subrepos=web.configbool("web", "archivesubrepos")) |
|
844 | subrepos=web.configbool("web", "archivesubrepos")) | |
| 832 | return [] |
|
845 | return [] | |
| 833 |
|
846 | |||
| @@ -101,6 +101,18 b' invalid arch type should give 404' | |||||
| 101 | testing: test-archive-2c0277f05ed4/foo OK |
|
101 | testing: test-archive-2c0277f05ed4/foo OK | |
| 102 | No errors detected in compressed data of archive.zip. |
|
102 | No errors detected in compressed data of archive.zip. | |
| 103 |
|
103 | |||
|
|
104 | test that we can download single directories and files | |||
|
|
105 | ||||
|
|
106 | $ python getarchive.py "$TIP" gz baz | gunzip | tar tf - 2>/dev/null | |||
|
|
107 | test-archive-2c0277f05ed4/baz/bletch | |||
|
|
108 | $ python getarchive.py "$TIP" gz foo | gunzip | tar tf - 2>/dev/null | |||
|
|
109 | test-archive-2c0277f05ed4/foo | |||
|
|
110 | ||||
|
|
111 | test that we reject unsafe patterns | |||
|
|
112 | ||||
|
|
113 | $ python getarchive.py "$TIP" gz relre:baz | |||
|
|
114 | HTTP Error 403: Archive pattern not allowed: relre:baz | |||
|
|
115 | ||||
| 104 | $ "$TESTDIR/killdaemons.py" $DAEMON_PIDS |
|
116 | $ "$TESTDIR/killdaemons.py" $DAEMON_PIDS | |
| 105 |
|
117 | |||
| 106 | $ hg archive -t tar test.tar |
|
118 | $ hg archive -t tar test.tar | |
General Comments 0
You need to be logged in to leave comments.
Login now